May 26, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2022-26708 This issue was addressed with improved checks.

  • CVSS 9.8
  • Remote code execution exposure

New critical Apple Macos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-26711 An integer overflow issue was addressed with improved input validation.

  • CVSS 9.8
  • Remote code execution exposure

New critical Apple Ipados RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-26723 A memory corruption issue was addressed with improved input validation.

  • CVSS 9.8
  • Remote code execution exposure

New critical Apple Macos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-26693 CVSS 9.1

This issue was addressed with improved checks.

CVE-2022-26694 CVSS 9.1

This issue was addressed with improved checks.

CVE-2022-26708 CVSS 9.8

This issue was addressed with improved checks.

CVE-2022-26711 CVSS 9.8

An integer overflow issue was addressed with improved input validation.

CVE-2022-26723 CVSS 9.8

A memory corruption issue was addressed with improved input validation.

CVE-2022-26775 CVSS 9.8

An integer overflow was addressed with improved input validation.

CVE-2022-26776 CVSS 9.8

This issue was addressed with improved checks.

CVE-2022-29632 CVSS 9.8

An arbitrary file upload vulnerability in the component /course/api/upload/pic of Roncoo Education v9.0.0 allows attackers to execute arb...

CVE-2022-29633 CVSS 9.8

An access control issue in Linglong v1.0 allows attackers to access the background of the application via a crafted cookie.

CVE-2022-30584 CVSS 9.6

Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could pot...

View critical disclosures

cvelogic Threat Intelligence