There are no known security vulnerabilities and there haven’t been in the past. The mentioned Changelog entry refers to the Wikileaks documents, where something was mentioned, but with those tools never released, there are no known attempts to exploit that. More info: http://forum.mikrotik.com/t/statement-on-vault-7-document-release/106907/18
Which IP address was that Winbox attempt from?
Make sure you follow this document to secure your device: https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router
P.S: my bet is still on a legitimate login. Either yourself, or an employee, who forgot about this.