10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2024-9463Palo Alto Networks Expedition OS Command Injection
Actively exploited (CISA KEV)
Listed on CISA KEV
Palo Alto Networks Expedition Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2024-48966The software tools used by service personnel to test & calibrate the ventilator do not support us...
CVSS 10
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2024-48967The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detecti...
CVSS 10
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.