Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
🔔 Premium Features
🔍 Filter Threats
| Title | Severity | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 9 hours ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 1 day ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 1 day ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | ????? | ????? | SA | 2 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | ????? | ????? | SA | 2 days ago |
| CVE-2026-40941 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows... | UNKNOWN | ????? | ????? | NVD | 35 minutes ago |
| CVE-2026-40084 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report for... | MEDIUM | ????? | ????? | NVD | 53 minutes ago |
| CVE-2026-40083 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implo... | HIGH | ????? | ????? | NVD | 58 minutes ago |
| CVE-2026-40082 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, leadin... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-40080 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring chec... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-22879 vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-13283 Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI... | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-12975 A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing featur... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-11800 A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client cred... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-13282 Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via phy... | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-13281 Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially pe... | UNKNOWN | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-12992 A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. Wh... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55166 <!-- obsidian --><h1 data-heading="Lemur 1.9.0: any SSO-authenticated user achieves AWS IAM compromise and permanent PKI key access via ... | CRITICAL | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55165 <!-- obsidian --><h1 data-heading="Lemur 1.9.0: JWT verifier trusts attacker-supplied alg from token header — defense-in-depth gap; ch... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55164 ## Summary
`lemur.users.service.update()` writes a user's new password as plaintext to the `users.password` column. The `User` model wires bcryp... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55163 ## Summary
The `PUT /api/1/roles/<id>` handler in `lemur/roles/views.py` gates only on `RoleMemberPermission(role_id).can()`, which is satisfi... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-55162 ## Summary
When verifying an uploaded certificate, `lemur/certificates/verify.py` extracts the CRL Distribution Point URL and the OCSP responder URL... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2026-48722 ### Impact
`nextflow auth login` persists Seqera Platform OIDC tokens to `${NXF_HOME:-~/.nextflow}/seqera-auth.config`. The file is created via Java ... | MEDIUM | ????? | ????? | NVD | 1 hour ago |
| CVE-2025-71340 picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in __reduce__ methods. Attack... | HIGH | ????? | ????? | NVD | 1 hour ago |
| CVE-2025-71338 Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write a... | CRITICAL | ????? | ????? | NVD | 1 hour ago |