Aug 12, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Altova Mobiletogether Server: public exploit or PoC linked (XXE)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2021-37425 Altova Mobiletogether Server XXE

  • Public exploit or PoC available
  • Exploit activity linked

Altova Mobiletogether Server XXE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2021-26432 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability

  • CVSS 9.8
  • Remote code execution exposure

New critical Microsoft Windows 10 RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-28890 J2eefast SQL Injection

  • CVSS 9.8

New critical J2eefast SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-37425 Exploit

Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-36363 CVSS 9.8

Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some ent...

CVE-2021-26432 CVSS 9.8

Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability

CVE-2021-28121 CVSS 9.8

Virtual Robots.txt before 1.10 does not block HTML tags in the robots.txt field.

CVE-2021-28890 CVSS 9.8

J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the (1) compId parameter to fast/sys/user/list, (2) deptId parameter...

CVE-2021-29377 CVSS 9.8

Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerability that allows attackers to execute arbitrary code remotely.

CVE-2021-31556 CVSS 9.8

An issue was discovered in the Oauth extension for MediaWiki through 1.35.2.

CVE-2021-31698 CVSS 9.8

Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters...

CVE-2021-33199 CVSS 9.8

In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instea...

CVE-2021-37599 CVSS 9.8

The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a re...

CVE-2021-37678 CVSS 9.3

TensorFlow is an end-to-end open source platform for machine learning.

View critical disclosures

cvelogic Threat Intelligence