Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Tuesday 7 July 2026 (23)
-
Confidence 100 19 MITREs 2 Malwares 13 IOCs 7 Observables
-
Confidence 100 3 CVEs 4 Malwares 6 IOCs 5 Observables 1 APT
-
Confidence 100 20 MITREs 6 Malwares 9 IOCs 5 Observables
-
Confidence 100 33 IOCs 14 Observables
-
Confidence 100 10 MITREs 33 IOCs 14 Observables
Vulnerabilities today (95)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 07/07/2026
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket bootstrap routes did not …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 07/07/2026
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo() Livewire action in ResourceOperations.php …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 07/07/2026
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was …
- Attack vector
- NETWORK
- Complexity
- LOW
- EPSS
- 0.0015 (P4.2%)
- Published
- 07/07/2026
The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once …
- Attack vector
- NETWORK
- Complexity
- HIGH
- EPSS
- 0.0015 (P4.8%)
- Published
- 07/07/2026
FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability in FOSSBilling's …
- Published
- 07/07/2026
A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml (or BundleDeployment.spec.options.namespaceLabels) when …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 07/07/2026
Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP …
- Attack vector
- Network
- Complexity
- Low
- Published
- 07/07/2026
A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 07/07/2026
MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to …
- Published
- 07/07/2026
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() helper wraps user-controlled commands …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 07/07/2026