Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Friday 3 July 2026 (18)
-
Confidence 100 20 MITREs 8 Malwares 11 IOCs 2 Observables 1 APT
-
Confidence 100 16 MITREs 108 IOCs 108 Observables
-
Confidence 100 1 Malware 45 IOCs
Vulnerabilities today (28)
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary …
- Published
- 03/07/2026
An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 03/07/2026
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their …
- Published
- 03/07/2026
An authenticated administrator can trigger a denial-of-service condition in the Fireware Management Web UI by sending malformed or crafted data to the …
- Published
- 03/07/2026
In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal …
- Published
- 03/07/2026
The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 03/07/2026
The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 03/07/2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored …
- Published
- 03/07/2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. …
- Published
- 03/07/2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows …
- Published
- 03/07/2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows …
- Published
- 03/07/2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows …
- Published
- 03/07/2026
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 03/07/2026