Jun 23, 2023 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Apple Multiple Products: 3 CVEs added to CISA KEV today.
- Mcl-collection Mcl-net Firmware: public exploit or PoC linked
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2023-20867
VMware Tools Authentication Bypass
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Authentication bypass — unauthenticated access risk
VMware Tools Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Active exploit activity
- Public exploit or PoC available
- Exploit activity linked
Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.
Critical exposure
CVE-2023-3197
Inspireui Mstore Api SQL Injection
- CVSS 9.8
- Internet-facing CMS deployments affected
New critical Inspireui Mstore Api SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Apple Multiple Products Integer Overflow
Apple Multiple Products WebKit Memory Corruption
Apple Multiple Products WebKit Type Confusion
Zyxel Multiple NAS Devices Command Injection
VMware Tools Authentication Bypass
View KEV additions
Exploit & PoC activity
A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensiti...
NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the configuration file.
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server.
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server.
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and in...
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled.
View critical disclosures
cvelogic
Threat Intelligence