Jul 11, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 4 CVEs added to CISA KEV today.
  • Buildagate Project Buildagate: public exploit or PoC linked (cross-site scripting).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-31199 Netwrix Auditor Insecure Object Deserialization

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Netwrix Auditor RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2022-22963 VMware Tanzu Spring Cloud Function Remote Code Execution

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

VMware Tanzu Spring Cloud RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2023-26861 Vivawallet Viva Wallet SQL Injection

  • CVSS 9.8

New critical Vivawallet Viva Wallet SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Microsoft Windows MSHTML Platform Privilege Escalation

Microsoft Windows Defender SmartScreen Security Feature Bypass

Microsoft Windows Error Reporting Service Privilege Escalation

Exploit & PoC activity

CVE-2023-36165 Exploit

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.

CVE-2023-36166 Exploit

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.

CVE-2023-36163 Exploit

Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted sc...

CVE-2023-36164 Exploit

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.

CVE-2023-36167 Exploit

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.

CVE-2022-22963 Exploit

VMware Tanzu Spring Cloud Function Remote Code Execution

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2023-24492 CVSS 9.6

A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotel...

CVE-2023-26861 CVSS 9.8

SQL injection vulnerability found in PrestaShop vivawallet v.1.7.10 and before allows a remote attacker to gain privileges via the vivawa...

CVE-2023-32057 CVSS 9.8

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVE-2023-33150 CVSS 9.6

Microsoft Office Security Feature Bypass Vulnerability

CVE-2023-35365 CVSS 9.8

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2023-35366 CVSS 9.8

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2023-35367 CVSS 9.8

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2023-36825 CVSS 9.6

Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards.

CVE-2023-37656 CVSS 9.8

WebsiteGuide v0.2 is vulnerable to Remote Command Execution (RCE) via image upload.

CVE-2023-37659 CVSS 9.8

xalpha v0.11.4 is vulnerable to Remote Command Execution (RCE).

cvelogic Threat Intelligence