Nov 6, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-46731 Xwiki

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2023-4699 Mitsubishielectric Fx3g-14mr\/ds Firmware

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2023-45161 1e Platform RCE

  • CVSS 9.9
  • Remote code execution exposure

New critical 1e Platform RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-2675 CVSS 9.8

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223.

CVE-2023-38382 CVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de S...

CVE-2023-45161 CVSS 9.9

The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly valid...

CVE-2023-45163 CVSS 9.9

The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly valid...

CVE-2023-46731 CVSS 10

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

CVE-2023-46732 CVSS 9.6

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

CVE-2023-4699 CVSS 10

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Se...

CVE-2023-5601 CVSS 9.8

The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthe...

CVE-2023-5777 CVSS 9.8

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmissi...

CVE-2023-5964 CVSS 9.9

The 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not pro...

View critical disclosures

cvelogic Threat Intelligence