Feb 11, 2026 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Motioneye Project Motioneye: public exploit or PoC linked (Code Execution)
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2023-4911
GNU C Library Buffer Overflow
- Public exploit or PoC available
- Exploit activity linked
GNU C Library Buffer Overflow now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2025-60787
Motioneye Project Motioneye Code Execution
- Public exploit or PoC available
- Exploit activity linked
- Remote code execution exposure
Motioneye Project Motioneye Code Execution now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical Unjs Nanotar Path Traversal (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name.
Microsoft Windows NTLM Hash Disclosure Spoofing
GNU C Library Buffer Overflow
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database confi...
Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code repl...
DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default.
nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary...
An issue was discovered in OpenSatKit 2.2.1.
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12.
A race condition was addressed with improved handling of symbolic links.
Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs.
set-in provides the set value of nested associative structure given array of keys.
manga-image-translator version beta-0.3 and prior in shared API mode contains an unsafe deserialization vulnerability that can lead to un...
View critical disclosures
cvelogic
Threat Intelligence