Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Atlassian Confluence Server/Data Center RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical Dynamicvision Dynamicmarkt SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Dynamicvision Dynamicmarkt SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Atlassian Confluence Server and Data Center Remote Code Execution
Nothing flagged in this category for this digest.
dynamicMarkt <= 3.10 is affected by SQL injection in the parent parameter of index.php.
dynamicMarkt <= 3.10 is affected by SQL injection in the kat1 parameter of index.php.
dynamicMarkt <= 3.10 is affected by SQL injection in the kat parameter of index.php.
IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname.
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2.