Jun 3, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Oracle WebLogic Server (CVE-2017-3506) added to CISA KEV: confirmed in-the-wild exploitation.
  • Progress Sitefinity (CVE-2023-27636): public exploit or PoC linked for the authenticated cross-site scripting issue.
  • 10 new critical disclosures (CVSS 9.1 to 9.8); review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2017-3506 Oracle WebLogic Server OS Command Injection

  • Actively exploited; listed on CISA KEV (added Jun 3, 2024)

Oracle WebLogic Server OS command injection (CVE-2017-3506) is on CISA KEV, which means confirmed in-the-wild exploitation. A 2017-era flaw landing on the catalog in 2024 means unpatched instances are still being found and abused; prioritize any WebLogic server reachable from the internet, confirm its patch level against Oracle's fix, and expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2023-27636 Progress Sitefinity cross-site scripting

  • Public exploit or PoC available
  • Exploit activity linked

Progress Sitefinity cross-site scripting now has public exploit or PoC linkage; assume opportunistic scanning and targeted follow-on activity. Note that the flaw is reachable only by authenticated users through the content form, so the realistic path is a compromised or malicious content-author account rather than unauthenticated scanning; review editor accounts and upgrade to 15.0.0 or later.
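The bug class here (stored XSS through a CMS content form) is easiest to see with a vulnerable render next to a hardened one. The Python below is an added example, not Sitefinity's code (which is ASP.NET): the submissions, field names, templates and checker are constructed for the illustration. It renders two constructed editor submissions both ways and then parses the output the way a browser would, recording any script tag, on* event handler or javascript: URL that survived.

```python
"""Stored XSS through a CMS content form: vulnerable render beside a hardened one.

Added example (not Sitefinity's code; a Python illustration of the bug class).
Submissions, field names and templates are constructed for the demonstration.
"""
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed submissions as an authenticated editor might save them via a content form.
CONSTRUCTED_SUBMISSIONS = [
    {"title": "Welcome", "body": "<script>alert(document.cookie)</script>",
     "link": "https://example.org/"},
    {"title": 'x" onmouseover="alert(1)', "body": "plain text",
     "link": "javascript:alert(1)"},
]


def render_vulnerable(post: dict) -> str:
    """Interpolates stored fields straight into HTML: title, body and href are all sinks."""
    return (f'<h2 title="{post["title"]}">{post["title"]}</h2>'
            f'<div class="body">{post["body"]}</div>'
            f'<a href="{post["link"]}">more</a>')


def safe_href(url: str) -> str:
    """Allow only http(s) URLs in href; anything else (javascript:, data:, ...) becomes '#'."""
    return url if urlsplit(url).scheme.lower() in ("http", "https") else "#"


def enc(s: str) -> str:
    """HTML-encode for element content and for double-quoted attribute values."""
    return html.escape(s, quote=True)  # quote=True also encodes " and '


def render_hardened(post: dict) -> str:
    """Encode every field for its context and scheme-check the URL before encoding it."""
    return (f'<h2 title="{enc(post["title"])}">{enc(post["title"])}</h2>'
            f'<div class="body">{enc(post["body"])}</div>'
            f'<a href="{enc(safe_href(post["link"]))}">more</a>')


class ActiveContentFinder(HTMLParser):
    """Parses rendered HTML as a browser would and records script-capable constructs."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script tag")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler {name}")
            elif name in ("href", "src") and value and urlsplit(value).scheme.lower() == "javascript":
                self.findings.append(f"javascript: URL in {name}")


def find_active_content(rendered: str) -> list:
    """Return the script-capable constructs found in rendered HTML (empty list if clean)."""
    finder = ActiveContentFinder()
    finder.feed(rendered)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for post in CONSTRUCTED_SUBMISSIONS:
        print("vulnerable:", find_active_content(render_vulnerable(post)))
        print("hardened:  ", find_active_content(render_hardened(post)))
```

The checker deliberately parses rather than string-matches: after encoding, the second title still contains the literal text ` onmouseover=` inside its attribute value, and a naive substring scan would flag the safe output while a tokenizer correctly sees one harmless `title` attribute.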

Critical exposure

CVE-2024-36568 Mayurik Gas Agency Management System SQL Injection

  • CVSS 9.8

New critical SQL injection in the Mayurik/Sourcecodester Gas Agency Management System v1.0 (CVSS 9.8), reachable through the id parameter of /gasmark/editbrand.php. This is a fresh disclosure window; early internet scanning often precedes mature exploit chains, so treat any reachable instance as exposed now rather than waiting for a public PoC.
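The bug class behind CVE-2024-36568 (a request parameter pasted into SQL text) and its fix are clearest side by side. The Python below is an added example, not the application's PHP code: it builds a constructed brand table in an in-memory SQLite database and runs a normal id and two injection payloads through a vulnerable query and a parameterized one. The schema, rows, handler names and payloads are all constructed for the illustration.

```python
"""SQL injection through a numeric id parameter: vulnerable query beside a bound one.

Added example (not the Gas Agency Management System's PHP code). The schema,
rows, handler names and payloads are constructed to mimic an edit-by-id
endpoint such as editbrand.php?id=, run against an in-memory SQLite database.
"""
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed schema: the table the endpoint edits, plus one it must never reveal."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE brand(id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
        INSERT INTO brand VALUES (1, 'Brand A'), (2, 'Brand B'), (3, 'Brand C');
        INSERT INTO users VALUES (1, 'admin', 'constructed-hash-value');
    """)
    return con


def load_brand_vulnerable(con: sqlite3.Connection, id_param: str) -> list:
    """The bug class: the raw ?id= value is pasted into the SQL text, so it is code, not data."""
    sql = f"SELECT id, name FROM brand WHERE id = {id_param}"
    return con.execute(sql).fetchall()


def load_brand_hardened(con: sqlite3.Connection, id_param: str) -> list:
    """Validate the type first, then bind it; the value can never change the query's shape."""
    try:
        brand_id = int(id_param)
    except (TypeError, ValueError):
        return []  # a non-numeric id is a bad request, not a query to run
    return con.execute("SELECT id, name FROM brand WHERE id = ?", (brand_id,)).fetchall()


# Constructed request values: a normal id and two payloads of the kind scanners
# throw at an unquoted numeric parameter.
NORMAL_ID = "2"
TAUTOLOGY = "2 OR 1=1"
UNION_READ = "0 UNION SELECT username, password_hash FROM users"


def demo() -> dict:
    """Run every request value through both handlers and return the rows each produced."""
    con = setup_db()
    return {
        "vuln_normal": load_brand_vulnerable(con, NORMAL_ID),
        "vuln_tautology": load_brand_vulnerable(con, TAUTOLOGY),   # returns every brand
        "vuln_union": load_brand_vulnerable(con, UNION_READ),      # reads the users table
        "safe_normal": load_brand_hardened(con, NORMAL_ID),
        "safe_tautology": load_brand_hardened(con, TAUTOLOGY),     # rejected before SQL
        "safe_union": load_brand_hardened(con, UNION_READ),        # rejected before SQL
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The hardened handler does two independent things: it rejects anything that is not an integer before any SQL is built, and it binds the value as a parameter so the database driver, not string formatting, carries it into the query. Either alone closes this particular hole; doing both means a later change to the column type or the query does not silently reopen it.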

Active exploitation

CVE-2017-3506 Oracle WebLogic Server OS Command Injection added to CISA KEV today: confirmed in-the-wild exploitation, with a federal remediation due date set by the catalog entry.
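A KEV addition is only actionable once it is joined to what you actually run. The Python below is an added example, not cvelogic's or CISA's code: it indexes a KEV-style feed, cross-references a constructed asset inventory, and ranks hosts using the same tiers this digest uses (KEV listing, then public PoC, then CVSS 9.0 or higher), breaking ties by internet exposure and EPSS. The feed excerpt follows the field names of CISA's known_exploited_vulnerabilities.json, but its due date and the CVSS, EPSS and PoC values in SIGNALS are illustrative, not looked up; the inventory hosts are made up.

```python
"""Join a KEV-style feed to an asset inventory and rank what to patch first.

Added example (not cvelogic's or CISA's code). KEV_FEED_JSON mimics the field
names of CISA's known_exploited_vulnerabilities.json; its entry, and every
number in SIGNALS and INVENTORY, is constructed for illustration.
"""
import json
from datetime import date

# Constructed excerpt in the shape of the CISA KEV JSON feed (dueDate is illustrative).
KEV_FEED_JSON = """
{
  "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed excerpt)",
  "vulnerabilities": [
    {
      "cveID": "CVE-2017-3506",
      "vendorProject": "Oracle",
      "product": "WebLogic Server",
      "vulnerabilityName": "Oracle WebLogic Server OS Command Injection Vulnerability",
      "dateAdded": "2024-06-03",
      "dueDate": "2024-06-24",
      "knownRansomwareCampaignUse": "Unknown"
    }
  ]
}
"""

# Constructed per-CVE signals (illustrative values, not looked up): CVSS, EPSS, public PoC.
SIGNALS = {
    "CVE-2017-3506": {"cvss": 7.5, "epss": 0.90, "poc": True},
    "CVE-2023-27636": {"cvss": 5.4, "epss": 0.02, "poc": True},
    "CVE-2024-36568": {"cvss": 9.8, "epss": 0.01, "poc": False},
}

# Constructed asset inventory: which host carries which CVE and whether it is exposed.
INVENTORY = [
    {"host": "gas-mgmt-lab", "cve": "CVE-2024-36568", "internet_facing": True},
    {"host": "cms-edit-02", "cve": "CVE-2023-27636", "internet_facing": False},
    {"host": "wls-prod-01", "cve": "CVE-2017-3506", "internet_facing": True},
]

TIER_RANK = {"critical-active": 0, "active-exploit": 1, "critical-exposure": 2, "watch": 3}
EXAMPLE_TODAY = date(2024, 6, 3)  # the digest date


def load_kev(feed_json: str) -> dict:
    """Index a KEV feed by CVE id."""
    return {v["cveID"]: v for v in json.loads(feed_json)["vulnerabilities"]}


def days_to_due(entry: dict, today: date) -> int:
    """Days left until the KEV remediation due date (negative once overdue)."""
    return (date.fromisoformat(entry["dueDate"]) - today).days


def classify(cve: str, kev: dict, signals: dict) -> str:
    """Same ordering the digest uses: KEV listing beats public PoC beats raw severity."""
    sig = signals.get(cve, {})
    if cve in kev:
        return "critical-active"
    if sig.get("poc"):
        return "active-exploit"
    if sig.get("cvss", 0.0) >= 9.0:
        return "critical-exposure"
    return "watch"


def triage(inventory: list, kev: dict, signals: dict, today: date) -> list:
    """Return inventory rows ranked by tier, then internet exposure, then EPSS."""
    rows = []
    for item in inventory:
        cve = item["cve"]
        rows.append({
            "host": item["host"],
            "cve": cve,
            "tier": classify(cve, kev, signals),
            "internet_facing": item["internet_facing"],
            "epss": signals.get(cve, {}).get("epss", 0.0),
            "kev_due_in_days": days_to_due(kev[cve], today) if cve in kev else None,
        })
    rows.sort(key=lambda r: (TIER_RANK[r["tier"]], not r["internet_facing"], -r["epss"]))
    return rows


def run_example() -> list:
    """Triage the constructed inventory as of the digest date."""
    return triage(INVENTORY, load_kev(KEV_FEED_JSON), SIGNALS, EXAMPLE_TODAY)


if __name__ == "__main__":
    for row in run_example():
        print(row)
```

In practice the feed would be fetched from CISA rather than embedded, and SIGNALS would come from NVD, the EPSS API and your exploit-tracking source; the ranking logic is the part worth keeping, because it encodes the digest's rule that a KEV entry outranks a higher CVSS score with no exploitation evidence.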


Exploit & PoC activity

CVE-2023-27636 Exploit

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.


Exploitation dynamics

No EPSS score increases were flagged for this digest.


New critical disclosures

CVE-2023-51219 CVSS 9.6

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript wit...

CVE-2024-0336 CVSS 9.4

Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Secu...

CVE-2024-31682 CVSS 9.8

Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fi...

CVE-2024-34987 CVSS 9.1

A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHPGurukul Online Fire Reporting System 1.2.

CVE-2024-36568 CVSS 9.8

Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=.

CVE-2024-36782 CVSS 9.8

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attacker...

CVE-2024-36783 CVSS 9.8

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost fu...

CVE-2024-37019 CVSS 9.8

Northern.tech Mender Enterprise before 3.6.4 and 3.7.x before 3.7.4 has Weak Authentication.

CVE-2024-3829 CVSS 9.1

qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process.

CVE-2024-4332 CVSS 9.3

An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE...


cvelogic Threat Intelligence