Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Saturday 4 July 2026 (21)
-
Confidence 100 16 MITREs 108 IOCs 108 Observables
Vulnerabilities today (21)
The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.34 fails to detect the _operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.34 fails to detect _operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.__main__.run_cprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.30 fails to detect the asyncio.unix_events._UnixSubprocessTransport._start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.33 fails to detect unsafe deserialization when numpy.f2py.crackfortran functions call eval on arbitrary strings. Attackers can embed malicious code in …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.calltip.get_entity function in reduce methods. Attackers can embed undetected code in pickle …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.29 fails to detect malicious pickle payloads that utilize lib2to3.pgen2.grammar.Grammar.loads in the reduce method, allowing remote code execution. Attackers can …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function calls in pickle files. Attackers can embed undetected code in pickle files that …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026
picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/07/2026