Jun 2, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Seopanel Seo Panel: public exploit or PoC linked (XSS)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2014-8722 Get-simple Getsimple Cms privilege escalation

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Get-simple Getsimple Cms privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2020-11978 Apache Airflow Command Injection

  • Public exploit or PoC available
  • Exploit activity linked

Apache Airflow Command Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2009-0948 Apple Files Buffer Overflow

  • CVSS 9.8

New critical Apple Files Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-28417 Exploit

A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name"...

CVE-2021-28418 Exploit

A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" pa...

CVE-2021-21337 Exploit

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework.

CVE-2020-13927 Exploit

Apache Airflow's Experimental API Authentication Bypass

CVE-2014-8722 Exploit

GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) ba...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2009-0947 CVSS 9.8

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.

CVE-2009-0948 CVSS 9.8

Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.

CVE-2020-35441 CVSS 9.8

FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.

CVE-2020-35442 CVSS 9.8

FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Acti...

CVE-2021-25287 CVSS 9.1

An issue was discovered in Pillow before 8.2.0.

CVE-2021-25288 CVSS 9.1

An issue was discovered in Pillow before 8.2.0.

CVE-2021-26707 CVSS 9.8

The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties t...

CVE-2021-30474 CVSS 9.8

aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free.

CVE-2021-31921 CVSS 9.8

Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected se...

CVE-2021-3538 CVSS 9.8

A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009...

View critical disclosures

cvelogic Threat Intelligence