Critical exposure
CVE-2025-54381 BentoML SSRF (CVSS 9.9)
New critical BentoML SSRF (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical BentoML SSRF (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical MapTiler Tileserver-php cross-site scripting (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cau...
MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS).
langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component.
The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs.
BentoML is a Python library for building online serving systems optimized for AI apps and model inference.