Jun 29, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Samsung Mobile Devices: 6 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2019-20500 D-Link DWL-2600AP Access Point Command Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

D-Link DWL-2600AP Access Point Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2023-36469 XWiki RCE

  • CVSS 9.9
  • Remote code execution exposure

New critical XWiki RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-36470 XWiki RCE

  • CVSS 9.9
  • Remote code execution exposure

New critical XWiki RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2022-44720 CVSS 9.8

An issue was discovered in Weblib Ucopia before 6.0.13.

CVE-2023-26616 CVSS 9.8

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.

CVE-2023-31222 CVSS 9.8

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windo...

CVE-2023-33190 CVSS 9.9

Sealos is an open source cloud operating system distribution based on the Kubernetes kernel.

CVE-2023-35830 CVSS 9.8

STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and DeploymentPackage_v3.04r2-Jellyfish and...

CVE-2023-36468 CVSS 9.9

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

CVE-2023-36469 CVSS 9.9

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

CVE-2023-36470 CVSS 9.9

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

XWiki Commons is the set of common modules used by other XWiki top-level projects.

CVE-2023-36487 CVSS 9.8

The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows remote attackers to take over the account.

cvelogic Threat Intelligence