Home
» Risk & Exploitation
» Daily threat intelligence
» Mar 26, 2024
Mar 26, 2024 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Microsoft SharePoint Server added to CISA KEV — confirmed in-the-wild exploitation.
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2023-24955
Microsoft SharePoint Server Code Injection
Actively exploited (CISA KEV)
Listed on CISA KEV
Remote code execution exposure
Microsoft SharePoint Server RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2024-25393
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
New critical Rt-thread Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Microsoft SharePoint Server Code Injection
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Unrestricted Upload of File with Dangerous Type vulnerability in Julien Crego Manager for Icomoon.This issue affects Manager for Icomoon:...
Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through...
Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.
Unrestricted Upload of File with Dangerous Type vulnerability in Terry Lin WP Githuber MD.This issue affects WP Githuber MD: from n/a thr...
Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme...
Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Web...
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOM_CACHE component.
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58.
Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function.
View critical disclosures
cvelogic
Threat Intelligence