Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Open-emr Openemr RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
Cerberusftp Ftp Server cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11.x before 11.0.4 allows XSS via an SVG document.
Microsoft SharePoint Server Spoofing Vulnerability
In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS.
The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged in user unwanted act...
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within...
Nothing flagged in this category for this digest.
In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow.
A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality of Accusoft ImageGear 19.9.
An out-of-bounds write vulnerability exists in the JPG Handle_JPEG420 functionality of Accusoft ImageGear 19.9.
An improper array index validation vulnerability exists in the TIF IP_planar_raster_unpack functionality of Accusoft ImageGear 19.9.
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Comm...
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to...
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php.
The affected product is vulnerable to an out-of-bounds write, which may result in corruption of data or code execution on the Welch Allyn...
The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations an...
Thycotic Password Reset Server before 5.3.0 allows credential disclosure.