Jan 18, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Nagios XI: 3 CVEs added to CISA KEV today.
  • Crestron HD-MD4X2-4K-E firmware: public exploit or PoC linked.
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2020-11978 Apache Airflow Command Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Apache Airflow Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2022-23178 An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices.

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2021-38697 Softvibe Saraban RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Softvibe Saraban RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

VMware Server Side Request Forgery in vRealize Operations Manager API

F5 BIG-IP Traffic Management Microkernel Buffer Overflow

System Information Library for Node.JS Command Injection

Apache Airflow's Experimental API Authentication Bypass

Oracle Business Intelligence Enterprise Edition Path Transversal

Exploit & PoC activity

CVE-2022-23178 Exploit

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-29215 CVSS 9.8

A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem...

CVE-2021-38697 CVSS 9.8

SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file exte...

CVE-2021-44757 CVSS 9.1

Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication,...

CVE-2021-46013 CVSS 9.8

An unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0.

CVE-2022-23305 CVSS 9.8

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are conv...

CVE-2022-23408 CVSS 9.1

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations.

cvelogic Threat Intelligence