May 21, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Dell Dbutil Driver: public exploit or PoC linked (DoS)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2021-21551 Dell dbutil Driver Insufficient Access Control

  • Public exploit or PoC available
  • Exploit activity linked

Dell Dbutil Driver DoS now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2021-26855 Microsoft Exchange Server Remote Code Execution

  • Public exploit or PoC available
  • Exploit activity linked
  • Enterprise mail systems at risk

Exchange-class mail edge with renewed exploit interest — historically attracts opportunistic and targeted campaigns after PoC release.

Critical exposure

CVE-2021-33509 Plone

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-21551 Exploit

Dell dbutil Driver Insufficient Access Control

CVE-2021-26855 Exploit

Microsoft Exchange Server Remote Code Execution

CVE-2020-14871 Exploit

Oracle Solaris and Zettabyte File System (ZFS) Unspecified

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2018-25010 CVSS 9.1

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25011 CVSS 9.8

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().

CVE-2018-25012 CVSS 9.1

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24().

CVE-2018-25013 CVSS 9.1

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes().

CVE-2018-25014 CVSS 9.8

A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

CVE-2020-36328 CVSS 9.8

A flaw was found in libwebp in versions before 1.0.1.

CVE-2020-36329 CVSS 9.8

A flaw was found in libwebp in versions before 1.0.1.

CVE-2020-36330 CVSS 9.1

A flaw was found in libwebp in versions before 1.0.1.

CVE-2020-36331 CVSS 9.1

A flaw was found in libwebp in versions before 1.0.1.

CVE-2021-33509 CVSS 9.9

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transf...

View critical disclosures

cvelogic Threat Intelligence