Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Salesagility Suitecrm SQL Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
New critical Langflow RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
SeaCMS 12.9 has a file deletion vulnerability via admin_template.php.
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have th...
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affec...
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint an...