Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Tuesday 7 July 2026 (22)
-
Confidence 100 20 MITREs 55 IOCs 55 Observables
-
Confidence 100 1 Malware 26 IOCs 15 Observables
-
Confidence 100 12 MITREs 4 Malwares 13 IOCs 9 Observables
-
Confidence 100 20 MITREs 14 IOCs 14 Observables
-
Confidence 100 20 MITREs 2 Malwares 9 IOCs 2 Observables
Vulnerabilities today (77)
Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Collect Data from Common Resource Locations. This issue …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
Improper verification of cryptographic signature vulnerability in HAVELSAN Inc. Liman MYS allows Fake the Source of Data. This issue affects Liman MYS: …
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 07/07/2026
A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath …
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 07/07/2026
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GET /invitations/{uuid} endpoint can perform …
- Attack vector
- Network
- Complexity
- High
- Published
- 07/07/2026
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, the Logs::mount() component looks up resources …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a `ClientPasswordReset` record already exists for …
- Published
- 07/07/2026
Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 07/07/2026
Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3.
- Published
- 07/07/2026
Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents …
- Published
- 07/07/2026
MicroRealEstate is affected by broken object-level access controls in PDF generator functionality. This issue affects MicroRealEstate: through 1.0.0-alpha3.
- Published
- 07/07/2026
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.3 through 0.7.2, the Guest `serviceapikey/get_info` API endpoint is accessible …
- Published
- 07/07/2026
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow …
- Published
- 07/07/2026
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, an unauthenticated mass assignment vulnerability in the client …
- Published
- 07/07/2026