Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
Palo Alto Networks PAN-OS Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Active exploit activity
Langflow RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Palo Alto Networks PAN-OS Authentication Bypass
ImageMagick is free and open-source software used for editing and manipulating digital images.
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns.
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_co...
CubeCart is an ecommerce software solution.
Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that al...
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are presen...
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGE...
Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181...
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6.
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17.
Microsoft Windows Protection Mechanism Failure
The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1.
Nothing flagged in this category for this digest.
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generat...
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generat...
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library.
Dokploy is a free, self-hostable Platform as a Service (PaaS).
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases.
Formie is a Craft CMS plugin for creating forms.
Shopper is a Headless e-commerce Admin Panel.
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset.
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative...
There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated r...