Latest CVE Exploit Alerts
-
CVE Exploit Alert: CVE-2023-36424 | HIGH | CVSS 7.8 | Microsoft Windows
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Windows Common Log File System Driver Elevation of Privilege Vulnerability Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should be treated as active risk rather
-
CVE Exploit Alert: CVE-2023-21529 | HIGH | CVSS 8.8 | Microsoft Exchange Server
🟠HIGH Severity Overview CVSS Base Score: 8.8 Severity: HIGH CVSS Version: 3.1 Priority: High priority Summary Microsoft Exchange Server Remote Code Execution Vulnerability Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should be treated as active risk rather than theoretical exposure.
-
CVE Exploit Alert: CVE-2025-60710 | HIGH | CVSS 7.8 | Microsoft Windows
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Improper link resolution before file access (‘link following’) in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in
-
CVE Exploit Alert: CVE-2012-1854 | HIGH | CVSS 7.8 | Microsoft Visual Basic for Applications (VBA)
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to
-
CVE Exploit Alert: CVE-2026-1340 | CRITICAL | CVSS 9.8 | Ivanti Endpoint Manager Mobile (EPMM)
🔴 CRITICAL Severity Overview CVSS Base Score: 9.8 Severity: CRITICAL CVSS Version: 3.1 Priority: Critical priority Summary A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution. Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should