Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Apache OFBiz Path Traversal is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
New critical Cisco Spa 301 Firmware privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Cisco Spa 301 Firmware privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Android Kernel Remote Code Execution
Apache OFBiz Path Traversal
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business S...
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business S...
SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.
SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network...
A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to exec...
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices.