Aug 27, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apache OFBiz added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-38856 Apache OFBiz Incorrect Authorization

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Apache OFBiz privilege escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-5991 Wolfssl

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2024-41622 Dlink Dir-846w Firmware RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Dlink Dir-846w Firmware RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-36068 CVSS 9.8

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with netwo...

CVE-2024-41622 CVSS 9.8

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address para...

CVE-2024-44341 CVSS 9.8

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist para...

CVE-2024-44342 CVSS 9.8

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the wl(0).(0)_ssid parameter.

CVE-2024-5991 CVSS 10

In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

CVE-2024-6633 CVSS 9.8

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article.

CVE-2024-7071 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQL Injection: Hibernate vulnerability...

CVE-2024-7720 CVSS 9.8

HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution op...

CVE-2024-8030 CVSS 9.8

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocomme...

CVE-2024-8181 CVSS 9.8

An Authentication Bypass vulnerability exists in Flowise version 1.8.2.

View critical disclosures

cvelogic Threat Intelligence