Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Raspberrymatic RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Unitronics Unilogic Auth Bypass (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Amss\+\+ Project Amss\+\+ RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
An issue was discovered in OpenClinic GA 5.247.01.
An issue was discovered in OpenClinic GA 5.247.01.
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorize...
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices.
File upload restriction evasion vulnerability in AMSS++ version 4.31.
CWE-287: Improper Authentication may allow Authentication Bypass
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE
FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands.
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.