Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
π Premium Features
π Filter Threats
| Title | Severity | EPSS (30-Day) | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|---|
| CVE-2026-9831 A race condition in the shared Extreme Platform
ONE IAM Gateway API-key authentication path could, under specific
high-concurrency traffic conditions,... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47268 #### Summary
An authenticated Nezha dashboard user can create or update a DDNS profile with provider `webhook` and configure an arbitrary `webhook_ur... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47233 ## Summary
Commit `d37ca6b27b9674238e58491cf7ba292e66898f15` ("Delete item not check admin rights #2024", 2026-04-12) added a missing `isAd... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47234 ## Summary
When debug logging is enabled, `Session::setCookie()` logs full cookie values and `Session::start()` logs the current session ID. In a rea... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47232 ## Summary
The sensitive `mode=export` action in `modules/sso/keys.php` exports a PKCS#12 bundle containing the configured private key and certificat... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47231 ## Summary
`modules/documents-files.php` gates state-changing modes by checking that the actor has `hasUploadRight()` on the URL parameter `folder_uu... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47230 ## Summary
`modules/documents-files.php` mode `file_rename_save` shares the same root-cause shape as the cross-folder move bug (`05-documents-cross-f... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47229 ## Summary
`modules/sso/clients.php` validates an `adm_csrf_token` on every state-changing branch except `enable`. The `enable` case loads the SAML o... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47228 ## Summary
`modules/registration.php` mode `send_login` regenerates a random password for `user_uuid_assigned`, stores its bcrypt hash in `adm_users.... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47227 ## Summary
`modules/categories.php` checks that the supplied `type` parameter (`ANN`, `EVT`, `ROL`, `USF`, β¦) corresponds to a module the actor adm... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47226 ### Summary
An authenticated Admidio member with upload rights on **any one folder** can permanently delete files from folders where they have only v... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47213 #### Summary
BoxLite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and run OCI containers within them. BoxLit... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47212 ### Description
The Twilio SMS notifier bridge ships a webhook request parser used to authenticate and decode the status callbacks Twilio POSTs to an... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47211 ### Impact
A Remote Code Execution (RCE) vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros command... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47203 ### Impact
**CVSSv4 Baseline Score:** Moderate 6.3
**CVSSv4 Weighted Score:** Low 2.9
The full CVSSv4 Vector for this vulnerability is:
> CVSS:... | LOW | π LOCKED | ????? | ????? | NVD | 5 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | CRITICAL | π LOCKED | ????? | ????? | SA | 5 days ago |
| ???-????-???? ?????????????????????????????????? ?????????????????????????????????? | HIGH | π LOCKED | ????? | ????? | SA | 5 days ago |
| CVE-2026-47695 ### Summary
CC-Tweaked's HTTP API (`http.request`, `http.websocket`) blocks requests to private network ranges to prevent server-side request fo... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47184 ### Impact
`DNSCache._async_add` inserted every response record into `cache`, `_expirations`, `_expire_heap`, and `service_cache` with no cap on entr... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-48811 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permane... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |