Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Friday 17 July 2026 (22)
-
Confidence 100 19 MITREs 2 Malwares 13 IOCs 4 Observables 1 APT
-
Confidence 100 18 MITREs 2 Malwares 16 IOCs 16 Observables
-
Confidence 100 23 MITREs 3 Malwares 7 IOCs 1 Observable
-
Confidence 100 2 Malwares 13 IOCs 4 Observables
-
Confidence 100 21 MITREs 5 Malwares 14 IOCs 3 Observables 1 APT
Vulnerabilities today (280)
Jupyter Enterprise Gateway launches remote Jupyter Notebook kernels across distributed clusters like Apache Spark, Kubernetes, and Docker Swarm. In versions prior to …
- Published
- 17/07/2026
Jupyter Enterprise Gateway launches remote Jupyter Notebook kernels across distributed clusters like Apache Spark, Kubernetes, and Docker Swarm. In versions 2.0.0rc2 and …
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the code validation API endpoint. The POST /api/v1/validate/code …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the disk-based caching mechanism. The AsyncDiskCache class uses …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW_USER_IS_ACTIVE=true (documented deployment …
- Attack vector
- Network
- Complexity
- Low
- Published
- 17/07/2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/auto_login (mints SUPERUSER tokens to any network caller) with /api/v1/validate/code (executes …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
Unverified password change vulnerability in Vimesoft Inc. Enterprise Video Platform allows Authentication Bypass. This issue affects Enterprise Video Platform: from 3.11.0.0 before …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 17/07/2026
libpvestorage-perl v9.1.1 and libpve-storage-perl v8.3.7 were discovered to contain an XML External Entity (XXE) vulnerability.
- Attack vector
- Network
- Complexity
- Low
- Published
- 17/07/2026
The AI Copilot WordPress plugin before 1.5.4 does not bind OAuth access tokens to a WordPress user, and accepts any valid token …
- Attack vector
- Network
- Complexity
- Low
- EPSS
- 0.0014 (P3.5%)
- Published
- 17/07/2026