Critical exposure
CVE-2022-28368 Dompdf Project Dompdf RCE
- CVSS 9.8
- Remote code execution exposure
New critical Dompdf Project Dompdf RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Dompdf Project Dompdf RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (w...