Critical active threat
CVE-2023-6448 Unitronics Vision PLC and HMI Insecure Default Password
- Actively exploited (CISA KEV)
- Listed on CISA KEV
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Critical exposure
New critical Google Chromecast Firmware Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Google Chromecast Firmware Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Unitronics Vision PLC and HMI Insecure Default Password
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to...
U-Boot vulnerability resulting in persistent Code Execution
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules.
SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of p...
OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing.
SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions f...
SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of pr...
SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain...
An oversight in BCB handling of reboot reason that allows for persistent code execution