Check vulnerabilities

CVE exploitation data check using “IntheWild”

There are tens of thousands of vulnerabilities disclosed each year. Only a handful of them will ever be exploited.

Triaging vulnerabilities is hard, one thing is easy though: if you know something is actively exploited inTheWild you have to move within hours.

We believe that exploitation information is about safety and it should be easy to access and not be behind paywalls.

Get alerts on new reports of exploitation via RSS, Twitter, grab our docker image, the hourly database exports or get the full exploited list a /api/exploited

Most recently
exploited
in the wild

Vulnerability Feeds

CVE-2022-4135

Data reported first

11/24/2022

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Reference

Credit

CVE-2021-25003

Data reported first

11/16/2022

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE

Reference

Credit

CVE-2022-1119

Data reported first

11/16/2022

The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7.

Reference

Credit

Thanks for the exploitation information!disclaimer

Know when
to panic

Get alerts for new exploited vulnerabilities

Be informed about the few vulnerabilities that really matter. Subscribe to the RSS and hook it up to your alerts channel, follow us on Twitter or look at our feed or API about new exploitations.

Prioritize vulnerabilities

Your vulnerability scanners probably return thousands of vulnerabilities. Triaging and prioritizing them is hard. Use our hourly database export or directly the our CLI to enrich your reports about exploits and exploitation activity.

Find Exploits

Need to verify a vulnerability or the exploit you found seems to be broken. We collect exploits from a number of different sources and do the github scouring for you. Check out the report page or automate your searches using the CLI.

Share exploitation information

If you identified a new exploitation activity during research or just saw some reports are missing from out database, you can Tweet @inthewildio or similarly tag us in you LinkedIn post. You can also just use this form.