Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Fortinet FortiOS And FortiProxy Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Active exploit activity
Chamilo Lms RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
tj-actions/changed-files GitHub Action Embedded Malicious Code
Fortinet FortiOS and FortiProxy Authentication Bypass
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1....
Nothing flagged in this category for this digest.
Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Sy...
Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-042...
A vulnerability regarding out-of-bounds read is found in the video interface.
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls.
IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improp...
A file upload bypass vulnerability exists in SOPlanning 1.53.00, specifically in /process/upload.php.
A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass authentication via a brute force attack.
An issue was discovered on IROAD Dashcam V devices.
An issue was discovered in the G-Net GNET APK 2.6.2.
An issue was discovered on G-Net Dashcam BB GONX devices.