Dec 17, 2023 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- 2 material risk changes today across KEV, exploits, critical disclosures, and EPSS movers.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2023-50976
Redpanda privilege escalation
- CVSS 9.8
- Potential privilege escalation to admin/root
New critical Redpanda privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2023-6906
Totolink A7100ru Firmware Buffer Overflow
New critical Totolink A7100ru Firmware Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API.
A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024.
View critical disclosures
cvelogic
Threat Intelligence