Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CrushFTP Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Active exploit activity
Apache Tomcat RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical Mediatek Mt6890 RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
CrushFTP Authentication Bypass
YesWiki is a wiki system written in PHP.
Apache Tomcat Path Equivalence
XWiki Platform Eval Injection
Nothing flagged in this category for this digest.
In wlan service, there is a possible out of bounds write due to an incorrect bounds check.
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus method
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameter
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree method of the /selectDeptTree/{deptId} e...
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the cancelAuthUserAll method does not properly validate whe...
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSave
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController component
Langflow Missing Authentication