Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
π Premium Features
π Filter Threats
| Title | Severity | EPSS (30-Day) | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|---|
| CVE-2026-47141 ## Summary
`NodeVM` exposes some process-wide observability builtins when they are allowed through `require.builtin`.
The following builtins are not... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-7786 Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
device firmware contains plaintext administrative credentials e... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-6824 A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-5768 The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or autho... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-5386 The affectedΒ KMW CCTV Security Cameras areΒ vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset t... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47179 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns th... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47125 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/{id}/templates/variab... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45661 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45633 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docke... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45632 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. A... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45631 Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-aut... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45630 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTrae... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45660 Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.22 and 6.18.1, the Glide image proxy's URL validation could ... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45629 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment Web... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45628 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template lite... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45625 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, Arcane's huma-based REST API exposes nine ... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45626 Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/{id}/volumes/{volumeNam... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45627 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticated GET /api/app-images/logo en... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-44697 Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Ba... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47139 ## Summary
`NodeVM` supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to `http`, `ht... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |