Mar 11, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2024-0039 Google Android RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-27228 there is a possible out of bounds write due to a heap buffer overflow.

  • CVSS 9.8
  • Remote code execution exposure

New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-27227 A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-49785 CVSS 9.1

NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT.

CVE-2024-0039 CVSS 9.8

In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check.

CVE-2024-22127 CVSS 9.1

SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload...

CVE-2024-27207 CVSS 9.1

Exported broadcast receivers allowing malicious apps to bypass broadcast protection.

CVE-2024-27227 CVSS 9.8

A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues

CVE-2024-27228 CVSS 9.8

there is a possible out of bounds write due to a heap buffer overflow.

View critical disclosures

cvelogic Threat Intelligence