216.73.216.86

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Friday 17 July 2026 (22)

Vulnerabilities today (280)

Sorted by CVSS severity (highest first)

10.0 Critical

Jupyter Enterprise Gateway launches remote Jupyter Notebook kernels across distributed clusters like Apache Spark, Kubernetes, and Docker Swarm. In versions prior to …

Published
17/07/2026
10.0 Critical

Jupyter Enterprise Gateway launches remote Jupyter Notebook kernels across distributed clusters like Apache Spark, Kubernetes, and Docker Swarm. In versions 2.0.0rc2 and …

Published
17/07/2026
9.9 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.9 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.9 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the code validation API endpoint. The POST /api/v1/validate/code …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.9 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the disk-based caching mechanism. The AsyncDiskCache class uses …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.9 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.8 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.8 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.8 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW_USER_IS_ACTIVE=true (documented deployment …

Attack vector
Network
Complexity
Low
Published
17/07/2026
9.8 Critical

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/auto_login (mints SUPERUSER tokens to any network caller) with /api/v1/validate/code (executes …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.8 Critical

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.8 Critical

Unverified password change vulnerability in Vimesoft Inc. Enterprise Video Platform allows Authentication Bypass. This issue affects Enterprise Video Platform: from 3.11.0.0 before …

Attack vector
NETWORK
Complexity
LOW
Published
17/07/2026
9.8 Critical

libpvestorage-perl v9.1.1 and libpve-storage-perl v8.3.7 were discovered to contain an XML External Entity (XXE) vulnerability.

Attack vector
Network
Complexity
Low
Published
17/07/2026
9.8 Critical

The AI Copilot WordPress plugin before 1.5.4 does not bind OAuth access tokens to a WordPress user, and accepts any valid token …

Attack vector
Network
Complexity
Low
EPSS
0.0014 (P3.5%)
Published
17/07/2026