Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
π Premium Features
π Filter Threats
| Title | Severity | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|
| CVE-2026-45324 Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search... | LOW | ????? | ????? | NVD | 6 days ago |
| CVE-2026-45149 The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being ap... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-44640 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, ... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-44422 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer re... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-44421 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in t... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-44420 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in F... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-44287 FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks ... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-44285 FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker t... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-42500 Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image. | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-47183 ### Impact
`DNSIncoming._log_exception_debug` and the four `QuietLogger` exception-dedup methods stored an unbounded `_seen_logs` dict keyed by `str(s... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-47180 ### Impact
`DNSIncoming._decode_labels_at_offset` recurses once per DNS-name compression pointer (RFC 1035 Β§4.1.4). Pointer cycles and label counts ... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-47260 ## Summary
Koel validates the podcast feed URL via the `SafeUrl` rule (DNS resolution + public IP check), but the individual episode `<enclosure u... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-48557 Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The sanitizer checks o... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-47122 ## Summary
AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection.
## Details
`Autoup... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-47121 ## Summary
Binary delta apply intermediate-symlink traversal in malicious .delta
`Autoupdate/SUBinaryDeltaApply.m` enforces `relativePath.pathCompon... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-45700 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write... | UNKNOWN | ????? | ????? | NVD | 6 days ago |
| CVE-2026-46705 ### Summary
The `russh` server authentication path keeps internal userauth state across `SSH_MSG_USERAUTH_REQUEST` messages without separating that st... | MEDIUM | ????? | ????? | NVD | 6 days ago |
| CVE-2026-46702 ### Summary
When SSH compression is enabled, `russh` accepted compressed packets whose on-wire size passed the normal transport packet-length checks ... | HIGH | ????? | ????? | NVD | 6 days ago |
| CVE-2026-45151 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer... | UNKNOWN | ????? | ????? | NVD | 6 days ago |
| CVE-2026-47255 The current upstream main branch at commit 7e0206d was reviewed, and the fix-first patch set was rebased on 2026-05-18. The patches cover: validated a... | HIGH | ????? | ????? | NVD | 6 days ago |