216.73.217.98

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Friday 10 July 2026 (8)

Vulnerabilities today (117)

Sorted by CVSS severity (highest first)

6.5 Medium

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the AWS SES bounce webhook at POST /webhooks/aws verified …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.5 Medium

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, regular users could route direct S3 multipart uploads through …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.5 Medium

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The All-in-One Video Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.8.5 via …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The BuddyHolis TableSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The Animation Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'weather_style' and 'move_direction' parameters of the …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkp_product' shortcode …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The Sudoku Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'background' parameter in the 'sudoku-sc' shortcode in all …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The Plus Addons for Elementor plugin for WordPress was vulnerable to Authenticated (Contributor+) Stored Cross-Site Scripting via the Button widget's `custom_attributes` setting …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_page_id' parameter in versions up to, …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Affected by this issue is some unknown functionality of the file …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and tag-group names attached to publicly readable …

Published
10/07/2026
6.3 Medium

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, secure uploads could be exposed by pull_hotlinked_images when an …

Published
10/07/2026