Jul 8, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Microsoft Defender For Endpoint: public exploit or PoC linked (privilege escalation)
Microsoft Internet Explorer — exploitation likelihood rose sharply (EPSS 22% → 35% · rising (+13%)).
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2024-50477
Stacksmarket Stacks Mobile App Builder Auth Bypass
Public exploit or PoC available
Exploit activity linked
Authentication bypass — unauthenticated access risk
Stacksmarket Stacks Mobile App Builder Auth Bypass now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2025-47161
Microsoft Defender For Endpoint privilege escalation
Public exploit or PoC available
Exploit activity linked
Potential privilege escalation to admin/root
Microsoft Defender For Endpoint privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Emerging exploitation risk
CVE-2016-0068
Microsoft Internet Explorer privilege escalation
Exploitation likelihood sharply increased
Potential privilege escalation to admin/root
EPSS 22% → 35% · rising (+13%)
Microsoft Internet Explorer: EPSS 22% → 35% · rising (+13%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Exploit & PoC activity
In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allow...
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users t...
Sudo Inclusion of Functionality from Untrusted Control Sphere
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allo...
Discourse is an open source platform for community discussion.
Exploitation dynamics
Microsoft Internet Explorer privilege escalation
Microsoft Internet Explorer privilege escalation
New critical disclosures
Cryptographic issue occurs due to use of insecure connection method while downloading.
Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary co...
Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal...
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter.
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter.
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter.
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter.
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
Adobe Experience Manager (MS) versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could...
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE')...
cvelogic
Threat Intelligence