Critical exposure
CVE-2025-43300 Apple iOS, iPadOS, and macOS Out-of-Bounds Write
- CVSS 10
New critical Apple IOS, IPadOS, And MacOS Memory Corruption (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Apple IOS, IPadOS, And MacOS Memory Corruption (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Aomeitech Cyber Backup RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication via sending a crafted payload to /admin/au...
Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access sensitive APIs without a token.
Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor wi...
A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physica...
A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with certain permissions to make requests outsid...
Apple iOS, iPadOS, and macOS Out-of-Bounds Write
Directus is a real-time API and App dashboard for managing SQL database content.
AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability.
Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.
Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.