Oct 26, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Roundcube Webmail added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2023-5631 Roundcube Webmail Persistent Cross-Site Scripting (XSS)

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Roundcube Webmail XSS is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2018-17558 Abus Tvip 10000 Firmware Command Injection

  • CVSS 9.8

New critical Abus Tvip 10000 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2018-17878 Abus Tvip 10000 Firmware Buffer Overflow

  • CVSS 9.8

New critical Abus Tvip 10000 Firmware Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Roundcube Webmail Persistent Cross-Site Scripting (XSS)

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2018-17558 CVSS 9.8

Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6...

CVE-2018-17878 CVSS 9.8

Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to spr...

CVE-2018-17879 CVSS 9.8

An issue was discovered on certain ABUS TVIP cameras.

CVE-2023-39726 CVSS 9.8

An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.

CVE-2023-42406 CVSS 9.8

SQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000 V31R02B1413C allows a remote attacker to obtain sensitive in...

CVE-2023-44267 CVSS 9.8

Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.

CVE-2023-46661 CVSS 9.8

Sielco PolyEco1000 is vulnerable to an attacker escalating their privileges by modifying passwords in POST requests.

CVE-2023-46665 CVSS 9.8

Sielco PolyEco1000 is vulnerable to an authentication bypass vulnerability due to an attacker modifying passwords in a POST request and g...

CVE-2023-46747 CVSS 9.8

F5 BIG-IP Configuration Utility Authentication Bypass

CVE-2023-5754 CVSS 9.1

Sielco PolyEco1000 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks and gain f...

cvelogic Threat Intelligence