Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
🔔 Premium Features
🔍 Filter Threats
| Title | Severity | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 15 hours ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 1 day ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 1 day ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 3 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 3 days ago |
| CVE-2026-8797 An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code ... | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-8661 Server-Side Cross-Site Scripting and Server-Side Request Forgery vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plugin ... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-50745 A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-50744 A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-50742 A stored XSS vulnerabilities exists in the `maintenance-acl-check.php` and `maintenance-banners-check.php` tools of Revive Adserver 6.0.7. The issue w... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-50741 Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by send... | HIGH | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-50740 A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-50739 A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and tr... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48936 A flaw in Node.js Permission API can cause a local server to be started (via a Unix domain socket), even without the `--allow-net` permission.
This... | LOW | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48935 A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. `--allow-fs-read`.
Thi... | LOW | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48934 A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation.
This vulnerability affects all supported release ... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48933 A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB.
This vulnerability affec... | HIGH | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48930 A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resolver... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48928 A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups.
This vulnerability affects all supported... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48619 A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48618 A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to r... | HIGH | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-48615 A flaw in Node.js proxy tunnel error handling could expose proxy credentials in `ERR_PROXY_TUNNEL` error messages.
When proxy credentials are embed... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-13226 The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'after' pa... | MEDIUM | ????? | ????? | NVD | 3 hours ago |
| CVE-2026-13322 A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which bu... | LOW | ????? | ????? | NVD | 5 hours ago |
| CVE-2026-13318 A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a Virt... | MEDIUM | ????? | ????? | NVD | 5 hours ago |