Dec 29, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • TIBCO JasperReports: 2 CVEs added to CISA KEV today.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2018-18809 TIBCO JasperReports Library Directory Traversal

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

TIBCO JasperReports Directory Traversal is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

High-risk exposure

CVE-2022-36437 Hazelcast

  • CVSS 9.1

New critical-severity CVE in today's window — elevated exposure signal, early in the lifecycle.

Critical active threat

CVE-2018-5430 TIBCO JasperReports Server Information Disclosure

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

TIBCO JasperReports Info Disclosure is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2018-5430 KEV

TIBCO JasperReports Server Information Disclosure

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-36437 CVSS 9.1

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the clust...

View critical disclosures

cvelogic Threat Intelligence