Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Teampass SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.
High-risk exposure
New high-severity Dlink Dap-1620 Firmware Buffer Overflow — watch for exploit drops and scanner noise in the first 72 hours after disclosure.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Windows Themes Spoofing Vulnerability
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
Nothing flagged in this category for this digest.
A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03.
A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03.
A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical.
A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical.
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_toke...