Critical exposure
CVE-2024-36268 Apache Inlong RCE
- CVSS 9.8
- Remote code execution exposure
New critical Apache Inlong RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Apache Inlong RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Horizoncloud Caterease SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Horizoncloud Caterease privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong.
An issue in Horizon Business Services Inc.
An issue in Horizon Business Services Inc.
An issue in Horizon Business Services Inc.
An issue in Horizon Business Services Inc.
An issue in Horizon Business Services Inc.
FOG is a cloning/imaging/rescue suite/inventory management system.
server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369.
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed.
anji-plus AJ-Report is affected by an authentication bypass vulnerability.