Real-time aggregation of active global vulnerabilities, critical CVEs, and exploit disclosures. Monitored strictly for offensive intelligence gathering and threat emulation metrics.
Malicious code discovered in the upstream tarballs of xz, starting with version 5.6.0. Allows unauthenticated remote code execution.
A command injection vulnerability in GlobalProtect feature of Palo Alto Networks PAN-OS software allows unauthenticated execution.
Oracle WebLogic Server vulnerability allowing unauthenticated remote code execution via T3/IIOP protocols.
Authentication bypass vulnerability in the web component of Ivanti ICS limits affecting 9.x and 22.x gateway versions.
ConnectWise ScreenConnect authentication bypass flaw leading to immediate administrative control dropping ransomware.
Citrix Bleed: Information Disclosure in NetScaler ADC and Gateway allowing session token extraction and replay.