Jul 1, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-26925 Microsoft Windows LSA Spoofing

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2022-2185 Gitlab RCE

  • CVSS 9.9
  • Remote code execution exposure

New critical Gitlab RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-31604 Nvidia Nvflare RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Nvidia Nvflare RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-2185 CVSS 9.9

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1...

CVE-2022-2253 CVSS 9.1

A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server.

CVE-2022-31604 CVSS 9.8

NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via...

CVE-2022-31605 CVSS 9.8

NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of ya...

CVE-2022-31943 CVSS 9.8

MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability.

CVE-2022-32032 CVSS 9.8

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.

CVE-2022-32093 CVSS 9.8

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php.

CVE-2022-32094 CVSS 9.8

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php.

CVE-2022-32095 CVSS 9.8

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php.

CVE-2022-32324 CVSS 9.8

PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.

View critical disclosures

cvelogic Threat Intelligence