216.73.216.214

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Monday 6 July 2026 (21)

Vulnerabilities today (61)

Sorted by CVSS severity (highest first)

9.8 Critical

Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific …

Attack vector
NETWORK
Complexity
LOW
Published
06/07/2026
9.8 Critical

ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view …

Attack vector
NETWORK
Complexity
LOW
Published
06/07/2026
9.3 Critical

An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other …

Published
06/07/2026
9.1 Critical

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager …

Attack vector
NETWORK
Complexity
LOW
EPSS
0.0052 (P40.1%)
Published
06/07/2026
8.8 High

The FileOrganizer WordPress plugin before 1.2.0 does not validate the file type on several of its file-management operations, allowing authenticated users who …

Attack vector
NETWORK
Complexity
LOW
EPSS
0.0020 (P10.3%)
Published
06/07/2026
8.8 High

The Simple Membership WordPress plugin before 4.7.5 does not verify the authenticity of Stripe webhook requests when no signing secret is configured, …

Attack vector
NETWORK
Complexity
LOW
EPSS
0.0018 (P7.8%)
Published
06/07/2026
8.8 High

The AllCoach WordPress plugin before 1.0.2 does not verify that an email address submitted to a public account-registration endpoint is not already …

Attack vector
NETWORK
Complexity
LOW
Published
06/07/2026
8.7 High

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no …

Published
06/07/2026
8.7 High

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint (Mint.HTTP1 module) allows a denial of service via an oversized chunked …

Published
06/07/2026
8.6 High

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This …

Attack vector
Network
Complexity
Low
Published
06/07/2026
8.3 High

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before …

Published
06/07/2026
8.1 High

The Admin and Site Enhancements (ASE) WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce …

Attack vector
NETWORK
Complexity
HIGH
EPSS
0.0018 (P8.2%)
Published
06/07/2026
8.0 High

The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting …

Attack vector
NETWORK
Complexity
LOW
Published
06/07/2026
7.7 High

Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5.

Attack vector
Local
Complexity
Low
Published
06/07/2026
7.7 High

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries …

Attack vector
Network
Complexity
Low
Published
06/07/2026