Apr 19, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 5 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2024-31546 Oretnom23 Computer Laboratory Management System SQL Injection

  • CVSS 9.8

New critical Oretnom23 Computer Laboratory Management System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-32038 Wazuh is a free and open source platform used for threat prevention, detection, and response.

  • CVSS 9.8

New critical Wazuh Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-47435 An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass au...

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-47435 CVSS 9.8

An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protect...

CVE-2024-31546 CVSS 9.8

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php.

CVE-2024-31547 CVSS 9.1

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php.

CVE-2024-32038 CVSS 9.8

Wazuh is a free and open source platform used for threat prevention, detection, and response.

CVE-2024-32644 CVSS 9.1

Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum.

View critical disclosures

cvelogic Threat Intelligence