Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Dimforge Nalgebra Out-of-Bounds Write (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Go-unarr Project Go-unarr Directory Traversal (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust.
An issue was discovered in the array-tools crate before 0.3.2 for Rust.
An issue was discovered in the anymap crate through 0.12.1 for Rust.
An issue was discovered in the iced-x86 crate through 1.10.3 for Rust.
An issue was discovered in the lettre crate before 0.9.6 for Rust.
An issue was discovered in the nalgebra crate before 0.27.1 for Rust.
An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust.
An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust.
An issue was discovered in the better-macro crate through 2021-07-22 for Rust.
unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive.