Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Synacor Zimbra Collaboration Suite (ZCS) Directory Traversal is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass
Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out of bounds write due to a missing bounds check.
Product: AndroidVersions: Android kernelAndroid ID: A-229632566References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-188935887References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-211727306References: N/A
In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check.
Product: AndroidVersions: Android kernelAndroid ID: A-218701042References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-216363416References: N/A
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnera...