Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Wing FTP Server RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
New critical Wegia SQL Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Wing FTP Server Improper Neutralization of Null Byte or NUL Character
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter.
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions.
Dokploy is a free, self-hostable Platform as a Service (PaaS).
LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app.
XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax...
XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax...
pyload is an open-source Download Manager written in pure Python.