Sep 4, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2024-45076 Ibm Webmethods Integration

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2024-44400 A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical.

  • CVSS 9.8

New critical Dlink Di-8400 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-7012 Redhat Satellite Auth Bypass

  • CVSS 9.8
  • Authentication bypass — unauthenticated access risk

New critical Redhat Satellite Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-20439 CVSS 9.8

Cisco Smart Licensing Utility Static Credential

CVE-2024-44400 CVSS 9.8

A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical.

CVE-2024-44808 CVSS 9.8

An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter.

CVE-2024-45053 CVSS 9.1

Fides is an open-source privacy engineering platform.

CVE-2024-45076 CVSS 9.9

IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the u...

CVE-2024-7012 CVSS 9.8

An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-forem...

CVE-2024-7076 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consult...

CVE-2024-7078 CVSS 9.2

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consult...

CVE-2024-7923 CVSS 9.8

An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the pup...

CVE-2024-8289 CVSS 9.8

The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/d...

View critical disclosures

cvelogic Threat Intelligence