May 10, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • F5 BIG-IP added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-1388 F5 BIG-IP Missing Authentication

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2022-22012 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

  • CVSS 9.8
  • Remote code execution exposure

New critical Microsoft Windows 10 RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-26937 Windows Network File System Remote Code Execution Vulnerability

  • CVSS 9.8
  • Remote code execution exposure

New critical Microsoft Windows Server RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-20120 CVSS 9.8

Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A

CVE-2022-22012 CVSS 9.8

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-26937 CVSS 9.8

Windows Network File System Remote Code Execution Vulnerability

CVE-2022-29130 CVSS 9.8

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-29394 CVSS 9.8

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.

CVE-2022-29395 CVSS 9.8

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.

CVE-2022-29396 CVSS 9.8

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10.

CVE-2022-29397 CVSS 9.8

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.

CVE-2022-29398 CVSS 9.8

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c.

CVE-2022-29399 CVSS 9.8

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0.

View critical disclosures

cvelogic Threat Intelligence