Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Coollabs Coolify Command Injection (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Coollabs Coolify privilege escalation (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 9.6) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 13...
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.
An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specifi...
jsPDF is a library to generate PDFs in JavaScript.
Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint...