216.73.216.89

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Tuesday 7 July 2026 (22)

Vulnerabilities today (77)

Sorted by CVSS severity (highest first)

8.2 High

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Collect Data from Common Resource Locations. This issue …

Attack vector
Network
Complexity
Low
Published
07/07/2026
8.1 High

Improper verification of cryptographic signature vulnerability in HAVELSAN Inc. Liman MYS allows Fake the Source of Data. This issue affects Liman MYS: …

Attack vector
NETWORK
Complexity
HIGH
Published
07/07/2026
8.0 High

A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath …

Attack vector
NETWORK
Complexity
HIGH
Published
07/07/2026
8.0 High

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GET /invitations/{uuid} endpoint can perform …

Attack vector
Network
Complexity
High
Published
07/07/2026
7.7 High

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, the Logs::mount() component looks up resources …

Attack vector
Network
Complexity
Low
Published
07/07/2026
7.7 High

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a `ClientPasswordReset` record already exists for …

Published
07/07/2026
7.5 High

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects …

Attack vector
Network
Complexity
Low
Published
07/07/2026
7.5 High

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects …

Attack vector
Network
Complexity
Low
Published
07/07/2026
7.3 High

A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE …

Attack vector
LOCAL
Complexity
LOW
Published
07/07/2026
7.1 High

Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3.

Published
07/07/2026
7.1 High

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents …

Published
07/07/2026
7.1 High

MicroRealEstate is affected by broken object-level access controls in PDF generator functionality. This issue affects MicroRealEstate: through 1.0.0-alpha3.

Published
07/07/2026
6.9 Medium

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.3 through 0.7.2, the Guest `serviceapikey/get_info` API endpoint is accessible …

Published
07/07/2026
6.9 Medium

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow …

Published
07/07/2026
6.9 Medium

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, an unauthenticated mass assignment vulnerability in the client …

Published
07/07/2026