Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
π Premium Features
π Filter Threats
| Title | Severity | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|
| CVE-2026-47721 ## Summary
An authorization issue in the Scheduler API allowed authenticated non-admin users to create or modify scheduled actions that should be res... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-47720 ## Summary
The TDengine DAQ storage connector's `escapeTdString` at `server/runtime/storage/tdengine/index.js:10` doubles single quotes but does... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-47719 ## Summary
An unauthenticated attacker (Alice) connects to FUXA's Socket.IO endpoint and emits a `device-webapi-request` event whose `property.a... | HIGH | ????? | ????? | NVD | 4 days ago |
| CVE-2026-47693 Description:
### Summary
Poweradmin v4.4.0 is vulnerable to CSV Injection (Formula Injection) in its log export functionality. User-controlled data ... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-47252 # AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin
| Field | Value |
| ---------------- | ----- |
| Repository ... | CRITICAL | ????? | ????? | NVD | 4 days ago |
| CVE-2026-45034 ## Summary
CVE-2026-34084 was patched by the helper `File::prohibitWrappers`. The helper calls `parse_url($filename, PHP_URL_SCHEME)` and then checks... | CRITICAL | ????? | ????? | NVD | 4 days ago |
| CVE-2026-9669 bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same deco... | UNKNOWN | ????? | ????? | NVD | 4 days ago |
| CVE-2026-46484 Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authori... | HIGH | ????? | ????? | NVD | 4 days ago |
| CVE-2026-40215 A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap... | UNKNOWN | ????? | ????? | NVD | 4 days ago |
| CVE-2026-11585 A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admi... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-11584 A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/cr... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-35058 Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows authentica... | UNKNOWN | ????? | ????? | NVD | 4 days ago |
| CVE-2026-40519 Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execution vulnerability via OS comma... | HIGH | ????? | ????? | NVD | 4 days ago |
| CVE-2026-52778 YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator (CalcFiel... | CRITICAL | ????? | ????? | NVD | 4 days ago |
| CVE-2026-10787 Missing authorization in the deleted user groups API in Devolutions Server allows an authenticated low-privileged user to enumerate metadata of delete... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-10786 Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileged user to obtain cleartext cr... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-10544 Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated use... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-11583 A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Adm... | MEDIUM | ????? | ????? | NVD | 4 days ago |
| CVE-2026-49141 WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and... | HIGH | ????? | ????? | NVD | 4 days ago |
| CVE-2026-47345 Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of `typo... | MEDIUM | ????? | ????? | NVD | 4 days ago |