Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
Sourcefabric Rpi-jukebox-rfid Command Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.
Emerging exploitation risk
Tricerasoft Swift Ultralite: EPSS 5.8% → 19% · rising (+14%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other pre...
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP...
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0.
Tricerasoft Swift Ultralite Buffer Overflow
Ultimatevideosite Ultimate Player Buffer Overflow
The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all vers...
The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1.