Active exploit activity
CVE-2023-3897 42gears Suremdm
- Public exploit or PoC available
- Exploit activity linked
Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.
Critical exposure
New critical Fedoraproject Fedora SQL injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Torrentpier Deserialization (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumer...
Nothing flagged in this category for this digest.
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows O...
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE.
Suite CRM version 7.14.2 allows including local php files.
Torrentpier version 2.4.1 allows executing arbitrary commands on the server.
The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user.
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain ele...