Jun 20, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Heator Social Share\, Social Login And Social Comments: public exploit or PoC linked (XSS)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2023-27372 Debian Linux RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Debian Linux RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2023-2779 Heator Social Share\, Social Login And Social Comments XSS

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Critical exposure

CVE-2023-35166 Xwiki

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2023-2779 Exploit

The Social Share, Social Login and Social Comments WordPress plugin before 7.13.52 does not sanitise and escape a parameter before output...

CVE-2023-3320 Exploit

The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1.

CVE-2023-25187 Exploit

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B.

CVE-2023-27372 Exploit

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-20718 CVSS 9.8

File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file t...

CVE-2020-20735 CVSS 9.8

File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter.

CVE-2020-21174 CVSS 9.8

File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function.

CVE-2020-21474 CVSS 9.8

File Upload vulnerability in NucleusCMS v.3.71 allows a remote attacker to execute arbitrary code via the /nucleus/plugins/skinfiles/?dir...

CVE-2020-21489 CVSS 9.8

File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2F...

CVE-2023-34541 CVSS 9.8

Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.

CVE-2023-34563 CVSS 9.8

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.

CVE-2023-34600 CVSS 9.8

Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.

CVE-2023-35166 CVSS 9.9

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

CVE-2023-35885 CVSS 9.8

CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication.

View critical disclosures

cvelogic Threat Intelligence