Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Sonicwall Sma 200 Firmware Path Traversal now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical Discourse RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delet...
Nothing flagged in this category for this digest.
ZTE MF971R product has two stack-based buffer overflow vulnerabilities.
ZTE MF971R product has two stack-based buffer overflow vulnerabilities.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container).
Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console).
Discourse is an open source platform for community discussion.
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consens...
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range cons...