Critical active threat
CVE-2024-21351 Microsoft Windows SmartScreen Security Feature Bypass
- Actively exploited (CISA KEV)
- Listed on CISA KEV
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Critical exposure
New critical Microsoft Exchange Server Privilege Escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Microsoft Office Outlook RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Microsoft Windows SmartScreen Security Feature Bypass
Microsoft Windows Internet Shortcut Files Security Feature Bypass
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Manageme...
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Manageme...
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Manageme...
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Manageme...
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Manageme...
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Manageme...
Microsoft Exchange Server Privilege Escalation
Microsoft Outlook Improper Input Validation
Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter.
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an...