Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Synacor Zimbra Collaboration Suite (ZCS) XSS is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Microsoft SharePoint Deserialization of Untrusted Data
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
New critical Lfprojects Mlflow exposure disclosed.
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers t...
The web interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) contains hardcoded credential disclosure mechanisms (in t...
The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface.
A command injection vulnerability exists in the web management interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02).
The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) exposes an unprotected UART interface through accessible hardware pads on the PCB
Glances is an open-source system cross-platform monitoring tool.
OpenProject is an open-source, web-based project management software.
OpenProject is an open-source, web-based project management software.
ApostropheCMS is an open-source content management framework.