Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Mediatek En7528 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Mediatek En7528 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Mediatek En7528 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
In Config Manager, there is a possible command injection due to improper input validation.
In Config Manager, there is a possible command injection due to improper input validation.
In Config Manager, there is a possible command injection due to improper input validation.
In Boa, there is a possible escalation of privilege due to a missing permission check.
In Boa, there is a possible escalation of privilege due to a stack buffer overflow.
Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unaut...
The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an...
In NVS365 V01, the background network test function can trigger command execution.
**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Mode...
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restri...