May 11, 2021 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2021-28476
Windows Hyper-V Remote Code Execution Vulnerability
- CVSS 9.9
- Remote code execution exposure
New critical Microsoft Windows 10 RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2021-31166
Microsoft HTTP Protocol Stack Remote Code Execution
- CVSS 9.8
- Remote code execution exposure
New critical Microsoft HTTP Protocol Stack RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2021-31897
Jetbrains Webstorm Code Execution
- CVSS 9.8
- Remote code execution exposure
New critical Jetbrains Webstorm Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Windows Hyper-V Remote Code Execution Vulnerability
Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer.
Microsoft HTTP Protocol Stack Remote Code Execution
In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects.
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices.
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2.
zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=...
View critical disclosures
cvelogic
Threat Intelligence