https://www.threatfrontierlabs.io/research Live CVE threat-intelligence research — re-scored by real-world exploitation, not severity. en Mon, 29 Jun 2026 19:28:57 GMT https://www.threatfrontierlabs.io/research/ghsa-9p9m-f2hg-9gxm https://www.threatfrontierlabs.io/research/ghsa-9p9m-f2hg-9gxm Mon, 29 Jun 2026 19:28:25 GMT Supply chain High A malicious version of the 'autotel-backends' npm package (v2.12.26) has been identified, leading to full system compromise upon installation. This poses a critical supply-chain risk, necessitating immediate action for any affected systems. (Supply chain · npm · severity critical · reach 578/wk · Exposure 70 · High) https://www.threatfrontierlabs.io/research/ghsa-3729-344x-9v28 https://www.threatfrontierlabs.io/research/ghsa-3729-344x-9v28 Mon, 29 Jun 2026 19:28:19 GMT Supply chain High A critical vulnerability has been identified in the npm package 'autotel-cli' version 0.8.14, which functions as malware. Installation of this package leads to full system compromise, necessitating immediate action to protect sensitive data and infrastructure. (Supply chain · npm · severity critical · reach 238/wk · Exposure 70 · High) https://www.threatfrontierlabs.io/research/cve-2026-20230 https://www.threatfrontierlabs.io/research/cve-2026-20230 Mon, 29 Jun 2026 19:25:54 GMT CVE Critical A critical Server-Side Request Forgery (SSRF) vulnerability in Cisco Unified Communications Manager (Unified CM) allows unauthenticated, remote attackers to write arbitrary files. This can lead to privilege escalation to root, posing a significant risk to affected systems. This vulnerability is actively exploited in the wild, as confirmed by its inclusion in the CISA KEV catalog. (CVSS n/a · EPSS 99th pct · NEXUS 84 · Critical · CISA KEV) https://www.threatfrontierlabs.io/research/cve-2026-12569 https://www.threatfrontierlabs.io/research/cve-2026-12569 Mon, 29 Jun 2026 19:25:47 GMT CVE High An improper input validation vulnerability in PTC Windchill and FlexPLM allows unauthenticated, remote attackers to execute arbitrary code. This flaw is listed in CISA's KEV catalog, indicating active exploitation in the wild. The EPSS percentile of 0.61712 suggests a moderate likelihood of future exploitation. (CVSS n/a · EPSS 62th pct · NEXUS 62 · High · CISA KEV) https://www.threatfrontierlabs.io/research/cve-2026-48558 https://www.threatfrontierlabs.io/research/cve-2026-48558 Mon, 29 Jun 2026 19:25:42 GMT CVE High A critical authentication bypass in SimpleHelp's OIDC flow allows unauthenticated attackers to forge identity tokens and gain full technician session access. This vulnerability, listed in CISA KEV, is actively exploited in the wild and can bypass multi-factor authentication in certain configurations. Organizations using SimpleHelp with OIDC enabled are at high risk. (CVSS n/a · EPSS 49th pct · NEXUS 55 · High · CISA KEV) https://www.threatfrontierlabs.io/research/ghsa-2736-v5cj-q9x5 https://www.threatfrontierlabs.io/research/ghsa-2736-v5cj-q9x5 Mon, 29 Jun 2026 07:19:48 GMT Supply chain Critical A malicious npm package, 'velocityfix', has been identified as compromising systems upon installation. Any machine that has installed this package should be considered fully compromised, necessitating immediate secret rotation and thorough remediation. (Supply chain · npm · severity critical · reach 1,118/wk · Exposure 80 · Critical) https://www.threatfrontierlabs.io/research/ghsa-29mh-6rgm-mmfw https://www.threatfrontierlabs.io/research/ghsa-29mh-6rgm-mmfw Mon, 29 Jun 2026 07:19:34 GMT Supply chain High A critical malicious package, 'hunsterx-package', has been identified in the npm ecosystem. Installation of this package leads to full system compromise, necessitating immediate secret rotation and thorough remediation due to potential persistent access. (Supply chain · npm · severity critical · reach 279/wk · Exposure 70 · High) https://www.threatfrontierlabs.io/research/cve-2024-3094 https://www.threatfrontierlabs.io/research/cve-2024-3094 Sun, 28 Jun 2026 17:43:45 GMT CVE Critical A critical backdoor (CVE-2024-3094) in XZ Utils versions 5.6.0 and 5.6.1 allows unauthenticated remote code execution. This vulnerability is actively exploited in the wild, has a CVSS score of 10.0, and an EPSS percentile of 93, indicating high exploitation probability. Organizations using affected versions are at severe risk. (CVSS 10 · EPSS 93th pct · NEXUS 91 · Critical · CISA KEV)