Critical active threat
CVE-2021-26828 OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type
- Actively exploited (CISA KEV)
- Listed on CISA KEV
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Active exploit activity
Phpmyfaq CSRF now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical Wpdirectorykit Wp Directory Kit Auth Bypass (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file.
A vulnerability, which was classified as problematic, has been found in MobileDetect 2.8.31.
An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.
OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_ser...
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script.
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script.
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page.
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
Nothing flagged in this category for this digest.
Masa CMS is an open source Enterprise Content Management platform.
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all ve...
The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incor...
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via...
TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 (discovered in V2.1.8-B20201030.1539) contain an OS command i...
Meta React Server Components Remote Code Execution
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functi...
In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper validation of uploaded SVG avatar images allows attackers to embed malicious...
DeepChat is a smart assistant uses artificial intelligence.
Cal.com is open-source scheduling software.