Apr 20, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 5 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2020-35313 Wondercms SSRF

  • CVSS 9.8

New critical Wondercms SSRF (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2020-35314 Wondercms RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Wondercms RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-28793 Lextudio Restructuredtext

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-35313 CVSS 9.8

A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows...

CVE-2020-35314 CVSS 9.8

A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attac...

CVE-2021-28793 CVSS 9.8

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute a...

CVE-2021-28827 CVSS 9.6

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edit...

CVE-2021-29459 CVSS 9.6

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

View critical disclosures

cvelogic Threat Intelligence