Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
6 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2024-55509Codeastro Complaint Management System SQL Injection
CVSS 9.8
New critical Codeastro Complaint Management System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2024-56337Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat.
CVSS 9.8
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2024-12571The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is vulnerab...
CVSS 9.8
Internet-facing CMS deployments affected
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.