Critical exposure
CVE-2024-38770
- CVSS 9.8
- Potential privilege escalation to admin/root
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
New critical disclosure (CVSS 9.6) — high severity with a short public awareness window before exploit material typically surfaces.
High-risk exposure
New critical-severity CVE in today's window — elevated exposure signal, early in the lifecycle.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exch...
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro-plugin...
Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account informat...
Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services.
Dispatch's notification service uses Jinja templates to generate messages to users.
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224.