Jan 23, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Broadcom VMware VCenter Server added to CISA KEV — confirmed in-the-wild exploitation.
  • Open Group Cde Common Desktop Environment — exploitation likelihood rose sharply (EPSS 59% → 70% · rising (+12%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-37079 Broadcom VMware vCenter Server Out-of-bounds Write

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Broadcom VMware VCenter Server RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2001-0803 Open Group Cde Common Desktop Environment Buffer Overflow

  • Exploitation likelihood sharply increased
  • CVSS 10
  • EPSS 59% → 70% · rising (+12%)

Open Group Cde Common Desktop Environment: EPSS 59% → 70% · rising (+12%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-70983 Bladex Springblade privilege escalation

  • CVSS 9.9
  • Potential privilege escalation to admin/root

New critical Bladex Springblade privilege escalation (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2024-37079 KEV

Broadcom VMware vCenter Server Out-of-bounds Write

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2001-0803 EPSS 59% → 70% · rising (+12%) CVSS 10

Open Group Cde Common Desktop Environment Buffer Overflow

CVE-2003-1165 EPSS 8.2% → 19% · rising (+10%) CVSS 5

Brs Webweaver Buffer Overflow

See EPSS increases

New critical disclosures

CVE-2021-47891 CVSS 9.3

Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute...

CVE-2022-25369 CVSS 9.8

An issue was discovered in Dynamicweb before 9.12.8.

CVE-2025-52024 CVSS 9.4

A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauth...

CVE-2025-52025 CVSS 9.4

An SQL Injection vulnerability exists in the GetServiceByRestaurantID endpoint of the Aptsys gemscms POS Platform backend thru 2025-05-28.

CVE-2025-67229 CVSS 9.8

An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-pat...

CVE-2025-70457 CVSS 9.8

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component.

CVE-2025-70983 CVSS 9.9

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges.

CVE-2025-70985 CVSS 9.1

Incorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their...

CVE-2026-22984 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done()...

CVE-2026-24423 CVSS 9.3

SmarterTools SmarterMail Missing Authentication for Critical Function

View critical disclosures

cvelogic Threat Intelligence