Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
🔔 Premium Features
🔍 Filter Threats
| Title | Severity | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 1 day ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 3 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 3 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 3 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 3 days ago |
| CVE-2026-54246 ## Description
The `routesrv` component exposes the full cluster route topology (Ingress/RouteGroup configurations, backend URLs, filter chains, OAut... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55177 # Authenticated full-read SSRF in CloudTAK `/api/esri*` routes — user-controlled URL fetched with no IP-classification guard
## Summary
Every rout... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54559 ### Impact
The trie language model code introduced in PocketSphinx 5prealpha failed to check various boundary conditions when reading the headers of ... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54570 ### Summary
The HTML specification requires that a MathML `<annotation-xml>` element with `encoding="text/html"` or `encoding="ap... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54498 view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewCompone... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55518 Avo is a framework to create admin panels for Ruby on Rails apps. Prior to 3.32.1 and 4.0.0.beta.51, Avo's association attach workflow checks att... | CRITICAL | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54497 view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewCompone... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54163 secure_headers manages application of security headers with many safe defaults. Prior to 7.3.0, secure_headers builds the Content-Security-Policy valu... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54244 Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and ... | LOW | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54242 Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54243 Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvE... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-52584 Buffer Overflow vulnerability in libjxl v.0.11.2 and before allows a local attacker to obtain sensitive information via the DecodeImageAPNG function | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-52348 cool-admin-java 8.0.0 has a SQL injection vulnerability in the order() method of CrudOption.java. | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-52203 An issue in MCMS v.6.1.1 allows a remote attacker to obtain sensitive information via the source parameter. | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-50274 Datadog dd-trace-go is a Go client library for Datadog application performance monitoring, profiling, and security monitoring. Prior to 2.8.1, Datadog... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-50271 Datadog dd-trace-py is the Datadog Python APM client. Prior to 4.8.2, Datadog tracing libraries that implement W3C baggage propagation parse incoming ... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-50272 dd-trace is the Datadog APM client for Node.js. Prior to 5.100.0, W3C baggage propagation in packages/dd-trace/src/baggage.js and packages/dd-trace/sr... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-54159 PrestaShop ps_facetedsearch is a module that adds layered navigation filters. From 3.0.0 until 4.0.4, the ps_facetedsearch module rebuilds selected se... | CRITICAL | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-44891 Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.co... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-49977 tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.33.0, tarteaucitron.cookie.purge() is called on any element with the purgeBtn... | MEDIUM | ????? | ????? | NVD | 1 hour ago |