Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Critical exposure
New critical Tenda Ax3 Firmware RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Tenda Ax3 Firmware RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Cisco Unified Communications Products Code Injection
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and...
Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the cityta...
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client.
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client.
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets.
Fleet is open source device management software.
Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications.
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4.
Grist is spreadsheet software using Python as its formula language.
Appsmith is a platform to build admin panels, internal tools, and dashboards.