Apr 26, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • GitLab: public exploit or PoC linked (cross-site scripting)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2022-1175 GitLab cross-site scripting

  • Public exploit or PoC available
  • Exploit activity linked

CVE-2022-1175 (GitLab cross-site scripting) now has a public exploit or PoC linked; assume opportunistic scanning of internet-reachable GitLab instances and targeted follow-on activity against any that are still on an affected release. The affected version ranges are quoted under Exploit & PoC activity below; confirm the running version of every exposed instance against them rather than relying on the major version alone.

Active exploit activity

CVE-2022-1162 GitLab: a hardcoded password was set for accounts registered using an OmniAuth provider (e.g.

  • Public exploit or PoC available
  • Exploit activity linked

A public exploit or PoC is linked, so the bar to exploitation is lower than for disclosure-only CVEs. A hardcoded credential needs no exploit skill once the value is public: anyone who knows it can authenticate as an affected OmniAuth-registered account. Treat those accounts as having a known password, and reset them as part of the upgrade rather than assuming the patch alone closes the exposure.

Critical exposure

CVE-2022-24706 Apache CouchDB Insecure Default Initialization of Resource

  • CVSS 9.8
  • Potential privilege escalation to admin/root

New critical Apache CouchDB privilege escalation (CVSS 9.8) in a fresh disclosure window; early internet scanning often precedes mature exploit chains. Because the weakness is classed as an insecure default initialization, an instance that was never hardened is exposed as installed, with no attacker-triggered bug required. Inventory internet-reachable CouchDB nodes now and confirm their release and configuration instead of waiting for exploit reports.
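The ordering used in Top threats above (confirmed in-the-wild exploitation first, then public exploit or PoC linkage, then critical disclosures, then EPSS shifts, with CVSS as the tie-breaker) can be written down as a sort key. The following is an added example, not cvelogic's own code; the entries are constructed from this digest, CVSS is left unset where the digest does not state one, and the `Entry` fields, `priority_key` and `brief` names are this example's assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

CRITICAL = 9.0  # digest treats CVSS >= 9.0 as a "critical disclosure"


@dataclass
class Entry:
    cve: str
    title: str
    cvss: Optional[float] = None  # None when the digest does not state a score
    in_kev: bool = False          # on CISA KEV: confirmed in-the-wild exploitation
    public_poc: bool = False      # public exploit or PoC linked
    epss: Optional[float] = None  # EPSS probability (0..1); None when not reported


def priority_key(e: Entry) -> Tuple[bool, bool, bool, float, float]:
    """Higher tuple sorts first. Mirrors the digest's section order:
    KEV > public exploit/PoC > critical disclosure > EPSS shift > CVSS."""
    score = e.cvss or 0.0
    return (e.in_kev, e.public_poc, score >= CRITICAL, e.epss or 0.0, score)


def top_threats(entries: List[Entry], n: int = 3) -> List[Entry]:
    # sorted() is stable even with reverse=True, so equal keys keep digest order
    return sorted(entries, key=priority_key, reverse=True)[:n]


def brief(entries: List[Entry], n: int = 3) -> List[str]:
    """One analyst line per top entry, tagged the way the digest sections are."""
    lines = []
    for e in top_threats(entries, n):
        if e.in_kev:
            tag = "Active exploitation (KEV)"
        elif e.public_poc:
            tag = "Active exploit activity"
        elif (e.cvss or 0.0) >= CRITICAL:
            tag = "Critical exposure"
        else:
            tag = "Watch"
        score = "n/a" if e.cvss is None else f"{e.cvss}"
        lines.append(f"{tag}: {e.cve} {e.title} (CVSS {score})")
    return lines


# Constructed from this digest's entries (not a feed pull).
DIGEST_ENTRIES = [
    Entry("CVE-2022-1175", "GitLab cross-site scripting", public_poc=True),
    Entry("CVE-2022-1162", "GitLab hardcoded password for OmniAuth-registered accounts",
          public_poc=True),
    Entry("CVE-2022-24706", "Apache CouchDB Insecure Default Initialization of Resource", 9.8),
    Entry("CVE-2022-24882", "FreeRDP", 9.1),
    Entry("CVE-2022-27299", "Hospital Management System v1.0 SQL injection (room.php)", 9.8),
    Entry("CVE-2022-27332", "Zammad v5.0.3 unauthenticated CTI caller log write", 9.1),
    Entry("CVE-2022-27468", "Monstaftp v2.10.3 arbitrary file upload", 9.8),
    Entry("CVE-2022-27469", "Monstaftp v2.10.3 SSRF", 9.8),
    Entry("CVE-2022-27984", "CuppaCMS v1.0 SQL injection (menu_filter)", 9.8),
    Entry("CVE-2022-27985", "CuppaCMS v1.0 SQL injection (alertLightbox.php)", 9.8),
    Entry("CVE-2022-28521", "ZCMS v20170206 file inclusion", 9.8),
    Entry("CVE-2022-28524", "ED01-CMS v20180505 SQL injection (post.php)", 9.8),
]

if __name__ == "__main__":
    for line in brief(DIGEST_ENTRIES):
        print(line)
```

Running it reproduces the three Top threats entries in the digest's order. A single KEV addition would displace all of them, which is the intended behaviour: a lower CVSS with confirmed exploitation outranks a 9.8 that nobody is known to be using.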

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.


Exploit & PoC activity

CVE-2022-1162 Exploit

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g.

CVE-2022-1175 Exploit

Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all ver...
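The affected-version phrasing above ("X before Y") is the pattern GitLab advisories use, and it is what an inventory check has to compare against. The following added example (not GitLab's or cvelogic's code) parses the two ranges that are visible in the truncated description and tests a deployed version string against them; the third range is cut off on this page, so versions from 14.9 onward are reported as not matched by the visible ranges rather than as safe. The function names and the handling of an `-ee`/`-ce` suffix are this example's assumptions.

```python
import re
from typing import List, Tuple

Version = Tuple[int, ...]

# Affected-range text exactly as quoted in this digest for CVE-2022-1175.
# It is truncated after the second range, so only two ranges are recoverable.
CVE_2022_1175_TEXT = (
    "Improper neutralization of user input in GitLab CE/EE versions 14.4 "
    "before 14.7.7, all versions starting from 14.8 before 14.8.5, all ver..."
)

# "14.4 before 14.7.7" -> lower bound inclusive, upper bound exclusive
RANGE_RE = re.compile(r"(\d+(?:\.\d+)+)\s+before\s+(\d+(?:\.\d+)+)")


def parse_version(s: str) -> Version:
    """Numeric prefix only: '14.7.6-ee' and 'v14.7.6' both become (14, 7, 6)."""
    m = re.match(r"\d+(?:\.\d+)*", s.lstrip("vV"))
    if not m:
        raise ValueError(f"not a version string: {s!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def pad(v: Version, n: int) -> Version:
    # 14.4 means 14.4.0 for comparison purposes
    return v + (0,) * (n - len(v))


def parse_ranges(text: str) -> List[Tuple[Version, Version]]:
    """Return [lower, upper) pairs for every complete 'X before Y' phrase."""
    return [(parse_version(lo), parse_version(hi)) for lo, hi in RANGE_RE.findall(text)]


def is_affected(version: str, ranges: List[Tuple[Version, Version]]) -> bool:
    v = parse_version(version)
    for lo, hi in ranges:
        n = max(len(v), len(lo), len(hi))
        if pad(lo, n) <= pad(v, n) < pad(hi, n):
            return True
    return False


def check_instances(versions: List[str], text: str = CVE_2022_1175_TEXT) -> dict:
    """Map each deployed version to True (affected) or False (not matched by the
    visible ranges). False is not a clean bill of health when the advisory text
    is truncated, as it is here for releases from 14.9 onward."""
    ranges = parse_ranges(text)
    return {v: is_affected(v, ranges) for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for ver, hit in check_instances(["14.7.6-ee", "14.7.7-ee", "14.8.4", "14.8.5", "14.9.0"]).items():
        print(f"{ver:12} affected={hit}")
```

Note the padding: the advisory's lower bound "14.4" has two components while deployed versions have three, and comparing the tuples unpadded would misclassify 14.4.0. Any version the parser reports as unaffected but which falls outside both visible ranges still needs the full advisory before it is cleared.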


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2022-24706 CVSS 9.8

Apache CouchDB Insecure Default Initialization of Resource

CVE-2022-24882 CVSS 9.1

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP).

CVE-2022-27299 CVSS 9.8

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php.

CVE-2022-27332 CVSS 9.1

An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication.

CVE-2022-27468 CVSS 9.8

Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file...

CVE-2022-27469 CVSS 9.8

Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF).

CVE-2022-27984 CVSS 9.8

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/h...

CVE-2022-27985 CVSS 9.8

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php.

CVE-2022-28521 CVSS 9.8

ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config.

CVE-2022-28524 CVSS 9.8

ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.


cvelogic Threat Intelligence