Mar 1, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 5 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2021-4039 Zyxel Nwa1100-nh Firmware Command Injection

  • CVSS 9.8

New critical Zyxel Nwa1100-nh Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-41193 wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger.

  • CVSS 9.8

New critical Wire-audio Video Signaling DoS (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-36166 Fortinet Fortimail

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-36166 CVSS 9.8

An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently guess one administrative ac...

CVE-2021-4039 CVSS 9.8

A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS...

CVE-2021-41193 CVSS 9.8

wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger.

CVE-2022-24720 CVSS 9.8

image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick.

CVE-2022-25010 CVSS 9.1

The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the entire file system.

View critical disclosures

cvelogic Threat Intelligence