Critical exposure
CVE-2025-54123 Hoverfly is an open source API simulation tool.
- CVSS 9.8
New critical Hoverfly Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Hoverfly Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
High-risk exposure
New high-severity Axxonsoft Axxon One privilege escalation — watch for exploit drops and scanner noise in the first 72 hours after disclosure.
High-risk exposure
New critical-severity CVE in today's window — elevated exposure signal, early in the lifecycle.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Use of Unmaintained Third Party Components (CWE-1104) in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 o...
Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier on...
Hoverfly is an open source API simulation tool.
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Ser...