Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Thursday 2 July 2026 (24)
-
Confidence 100 20 MITREs 8 Malwares 11 IOCs 2 Observables 1 APT
-
Confidence 100 16 MITREs 108 IOCs 108 Observables
-
Confidence 100 1 Malware 45 IOCs
-
Confidence 100 2 CVEs 20 MITREs 2 IOCs 2 Observables
-
Confidence 100 26 MITREs 1 Malware 29 IOCs 12 Observables 1 APT
Vulnerabilities today (186)
Out of bounds write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a …
- Published
- 02/07/2026
Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Unauthenticated Arbitrary Code Execution in W3 Total Cache <= 2.9.4 versions.
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 02/07/2026
Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3.5.6 versions.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Deserialization of Untrusted Data vulnerability in Themify Themify Popup allows Object Injection. This issue affects Themify Popup: from n/a through 1.4.3.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026
Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 02/07/2026