Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Wednesday 8 July 2026 (18)
-
Confidence 100 12 MITREs 4 Malwares 13 IOCs 9 Observables
-
Confidence 100 20 MITREs 14 IOCs 14 Observables
-
Confidence 100 20 MITREs 2 Malwares 9 IOCs 2 Observables
-
Confidence 100 16 MITREs 11 IOCs 11 Observables
-
Confidence 100 18 MITREs 1 Malware 4 IOCs 4 Observables
Vulnerabilities today (229)
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the tailnet coordinator validates …
- Attack vector
- Network
- Complexity
- High
- Published
- 08/07/2026
IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before …
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 08/07/2026
Frigate is an open source network video recorder. In version 0.17.1, the GET /api/logs/{service} endpoint allows any authenticated user including the viewer …
- Attack vector
- Network
- Complexity
- Low
- Published
- 08/07/2026
Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key (limited_to_orgs) inherits its …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 08/07/2026
The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 08/07/2026
The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin through 1.1.28 does not validate data before passing it to a PHP …
- Attack vector
- Network
- Complexity
- High
- Published
- 08/07/2026
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Progress MOVEit Transfer (Ad Hoc module). This issue affects MOVEit …
- Attack vector
- Network
- Complexity
- Low
- Published
- 08/07/2026
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 08/07/2026
The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the application incorrectly resolved a portion of the …
- Attack vector
- Local
- Complexity
- Low
- Published
- 08/07/2026
When the application opens a PDF and executes JavaScript, it performs abnormal operations on the list box field, and this operation is …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 08/07/2026
There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails …
- Attack vector
- Local
- Complexity
- Low
- Published
- 08/07/2026
When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 08/07/2026
The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 08/07/2026
When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is …
- Attack vector
- Local
- Complexity
- Low
- Published
- 08/07/2026
After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 08/07/2026