Sep 6, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Flatcore-cms: public exploit or PoC linked (RCE)
  • 4 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2021-39608 Flatcore-cms RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Flatcore-cms RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2021-40352 Open-emr Openemr

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2021-40531 Sketch before 75 allows library feeds to be used to bypass file quarantine.

  • CVSS 9.8
  • Remote code execution exposure

New critical Sketch RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-40352 Exploit

OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages o...

CVE-2021-39608 Exploit

Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious use...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-3766 CVSS 9.8

objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVE-2021-40531 CVSS 9.8

Sketch before 75 allows library feeds to be used to bypass file quarantine.

CVE-2021-40532 CVSS 9.8

Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.

CVE-2021-40540 CVSS 9.8

ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malf...

View critical disclosures

cvelogic Threat Intelligence