Active exploit activity
CVE-2023-34096 Thruk Path Traversal
- Public exploit or PoC available
- Exploit activity linked
Thruk Path Traversal now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Thruk Path Traversal now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.
Critical exposure
New critical Progress Datadirect Odbc Oracle Wire Protocol Driver Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends.
The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform...
Nothing flagged in this category for this digest.
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle.