216.73.217.80

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Wednesday 1 July 2026 (23)

Vulnerabilities today (468)

Sorted by CVSS severity (highest first)

10.0 Critical

The payment integration pretix-oppwa provides support for the payment providers VR Payment, Hobex, and potentially others based on Oppwa's technology. The integration …

Published
01/07/2026
10.0 Critical

Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker …

Attack vector
Network
Complexity
Low
Published
01/07/2026
10.0 Critical

Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default …

Attack vector
Network
Complexity
Low
Published
01/07/2026
10.0 Critical

Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2.

Attack vector
Network
Complexity
Low
Published
01/07/2026
9.8 Critical

The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery plugin for WordPress is vulnerable to privilege …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server. The functions wi_senderr() and wi_replyhdr() in repeater/webgui/webutils.c …

Attack vector
Network
Complexity
Low
Published
01/07/2026
9.8 Critical

Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data …

Attack vector
Network
Complexity
Low
Published
01/07/2026
9.8 Critical

Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026
9.8 Critical

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: …

Attack vector
NETWORK
Complexity
LOW
Published
01/07/2026