Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Apache Activemq: public exploit or PoC linked (DoS)
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2024-21111Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
Public exploit or PoC available
Exploit activity linked
Potential privilege escalation to admin/root
Oracle Vm Virtualbox privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2024-38193Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation
Public exploit or PoC available
Exploit activity linked
Potential privilege escalation to admin/root
Microsoft Windows Privilege Escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2025-45885Phpgurukul Vehicle Parking Management System SQL Injection
CVSS 9.8
New critical Phpgurukul Vehicle Parking Management System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.