Dashboard
Curated security signal.
Analysis, not noise.
A reading view across the CVE work, OSINT investigations, and detection coverage that's currently in scope. Updated as analyses are published - not real-time, deliberately.
Active Operations
HackTheBox · Live Telemetry
OmniscientGlobal Rank #15
System Owns
234
8 Bloods
User Owns
251
12 Bloods
Respect
4192
Platform Kudos
Rank Progress
100%
Req: 100%
OmniscientMAX RANK
CVEs reviewed
142
since 2025-09
Sigma rules
37
open-sourced
Lab tracks
24
across 6 categories
OSINT cases
8
published / 4 active
Reviewed CVEs
Curated · last 90 days- CriticalCVE-2026-3849Remote code execution via deserialised metadataCVSS 9.8Reviewed
- HighCVE-2026-3712Auth bypass through OAuth proxy state handlingCVSS 8.4Reviewed
- HighCVE-2026-3611SSRF leaking cloud metadata service credentialsCVSS 8.1Tracked
- MediumCVE-2026-3502Stored XSS in admin console search fieldCVSS 6.7Tracked
- CriticalCVE-2026-3401Deserialisation RCE in message-bus consumerCVSS 9.6Reviewed
- HighCVE-2026-3370Path traversal via file API content-dispositionCVSS 7.9Reviewed
- HighCVE-2026-3258Privilege escalation via crafted setuid invocationCVSS 7.6Tracked
- MediumCVE-2026-3119Reflected XSS via search query parameterCVSS 6.1Patched
- HighCVE-2026-3081JWT alg confusion in identity providerCVSS 8Reviewed
- CriticalCVE-2026-2944Heap overflow in message parserCVSS 9.3Patched
- MediumCVE-2026-2812CSRF in admin API endpointCVSS 5.9Tracked
- HighCVE-2026-2680Open redirect via OAuth redirect_uriCVSS 7.4Patched
Technique coverage
MITRE ATT&CK- T1078 Valid Accounts86
- T1059 Command-Line Interpreter71
- T1003 OS Credential Dumping64
- T1021 Remote Services49
- T1486 Data Encrypted for Impact28
- T1055 Process Injection56
- T1547 Boot or Logon Persistence41
Coverage reflects rule sets and lab tracks currently shipped - not aspirational scope.