Mar 2, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-26477 XWiki Platform is a generic wiki platform.

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2023-26055 XWiki Commons are technical libraries common to several other top level XWiki projects.

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2023-26471 XWiki Platform is a generic wiki platform.

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-3854 CVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot all...

CVE-2022-46501 CVSS 9.8

Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vulnerability via the E-Mail to Work Or...

CVE-2023-26055 CVSS 9.9

XWiki Commons are technical libraries common to several other top level XWiki projects.

CVE-2023-26780 CVSS 9.8

CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection.

View critical disclosures

cvelogic Threat Intelligence