Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Nostromo Nhttpd RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
New critical Oretnom23 Survey Application System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Android Framework Privilege Escalation
CyberPanel Incorrect Default Permissions
Palo Alto Networks Expedition Missing Authentication
Nostromo nhttpd Directory Traversal
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
An issue was discovered on Brother MFC-J491DW C1806180757 devices.
An issue was discovered on Alecto IVM-100 2019-11-12 devices.
DataEase is an open source data visualization analysis tool that helps users quickly analyze data and gain insights into business trends.
SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via the id parameter.
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only im...