Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up t...
The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3.
The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2.
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6.
A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by a malicious actor with access to Uni...
An Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor...
ToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows remote attackers to execute arbitrary com...