Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Tuesday 30 June 2026 (33)
-
Confidence 100 8 MITREs 2 Malwares 19 IOCs 10 Observables
-
Confidence 100 19 MITREs 2 Malwares 1 IOC 1 Observable 1 APT
-
Confidence 100 3 CVEs 1 Malware 6 IOCs
-
Confidence 100 1 CVE 19 MITREs 2 Malwares 4 IOCs 2 Observables
-
Confidence 100 2 MITREs 3 IOCs 3 Observables
Vulnerabilities today (112)
Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying …
- Attack vector
- Network
- Complexity
- Low
- Published
- 30/06/2026
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. …
- Attack vector
- Network
- Complexity
- Low
- Published
- 30/06/2026
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to …
- Attack vector
- Network
- Complexity
- Low
- Published
- 30/06/2026
DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subclass, sets bindtype …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress (full) is vulnerable to SQL Injection via the WordPress 'search' parameter …
- Attack vector
- Network
- Complexity
- Low
- Published
- 30/06/2026
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions …
- Attack vector
- Network
- Complexity
- Low
- Published
- 30/06/2026
A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing …
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 30/06/2026