Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Mayurik Petrol Pump Management: public exploit or PoC linked (cross-site scripting)
4 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2024-27743Mayurik Petrol Pump Management cross-site scripting
Public exploit or PoC available
Exploit activity linked
Mayurik Petrol Pump Management cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2024-27744Mayurik Petrol Pump Management cross-site scripting
Public exploit or PoC available
Exploit activity linked
Mayurik Petrol Pump Management cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2024-20017In wlan service, there is a possible out of bounds write due to improper input validation.
CVSS 9.8
Remote code execution exposure
New critical Mediatek Openwrt RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.