Jan 26, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • SmarterTools SmarterMail: 2 CVEs added to CISA KEV today.
  • Xorux Lpar2rrd — exploitation likelihood rose sharply (EPSS 3.4% → 23% · rising (+19%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2018-14634 Linux Kernel Integer Overflow

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Linux Kernel privilege escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2014-4982 Xorux Lpar2rrd Command Injection

  • Exploitation likelihood sharply increased
  • CVSS 9.8
  • EPSS 3.4% → 23% · rising (+19%)

Xorux Lpar2rrd: EPSS 3.4% → 23% · rising (+19%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2016-15057 Apache Continuum Command Injection

  • CVSS 9.9

New critical Apache Continuum Command Injection (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-23760 KEV

SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel

CVE-2025-52691 KEV

SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2014-4982 EPSS 3.4% → 23% · rising (+19%) CVSS 9.8

Xorux Lpar2rrd Command Injection

CVE-2022-35741 EPSS 19% → 34% · rising (+15%) CVSS 9.8

Apache Cloudstack XXE

CVE-2022-29775 EPSS 53% → 64% · rising (+11%) CVSS 9.8

Ispyconnect Ispy

See EPSS increases

New critical disclosures

CVE-2016-15057 CVSS 9.9

** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apac...

CVE-2025-59091 CVSS 9.3

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004...

CVE-2025-59097 CVSS 9.3

The exos 9300 application can be used to configure Access Managers (e.g.

CVE-2025-59103 CVSS 9.2

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions.

CVE-2025-59108 CVSS 9.2

By default, the password for the Access Manager's web interface, is set to 'admin'.

CVE-2025-70982 CVSS 9.9

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily impor...

CVE-2026-22696 CVSS 9.3

dcap-qvl implements the quote verification logic for DCAP (Data Center Attestation Primitives).

CVE-2026-22709 CVSS 9.8

vm2 is an open source vm/sandbox for Node.js.

CVE-2026-24429 CVSS 9.3

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in aut...

CVE-2026-24436 CVSS 9.2

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) do not enforce rate limiting or account lockout mechanisms...

View critical disclosures

cvelogic Threat Intelligence