Jul 21, 2024 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- 2 material risk changes today across KEV, exploits, critical disclosures, and EPSS movers.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2024-38437
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
- CVSS 9.8
- Authentication bypass — unauthenticated access risk
New critical Dlink Dsl-225 Firmware Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2024-38438
D-Link - CWE-294: Authentication Bypass by Capture-replay
- CVSS 9.8
- Authentication bypass — unauthenticated access risk
New critical Dlink Dsl-225 Firmware Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
D-Link - CWE-294: Authentication Bypass by Capture-replay
View critical disclosures
cvelogic
Threat Intelligence