May 14, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-30051 Microsoft DWM Core Library Privilege Escalation

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Microsoft DWM Core Library Privilege Escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-32888 The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity t...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2024-31466 Arubanetworks Arubaos RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Arubanetworks Arubaos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Microsoft Windows MSHTML Platform Security Feature Bypass

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-31466 CVSS 9.8

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sendi...

CVE-2024-31467 CVSS 9.8

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sendi...

CVE-2024-31468 CVSS 9.8

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code...

CVE-2024-31469 CVSS 9.8

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code...

CVE-2024-31470 CVSS 9.8

There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthe...

CVE-2024-31471 CVSS 9.8

There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote cod...

CVE-2024-31472 CVSS 9.8

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execu...

CVE-2024-31473 CVSS 9.8

There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code exec...

CVE-2024-32888 CVSS 10

The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application pro...

CVE-2024-4893 CVSS 9.8

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands.

View critical disclosures

cvelogic Threat Intelligence