Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
Rockwellautomation Micrologix 1400 B Firmware: EPSS 15% → 37% · rising (+22%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Rockwellautomation Micrologix 1400 B Firmware
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal rese...
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and includin...
Incorrect boundary conditions in the Graphics: WebGPU component.
Incorrect boundary conditions in the Graphics: WebGPU component.
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component.
JIT miscompilation in the JavaScript Engine: JIT component.
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component.
Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overf...
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter c...