Jan 27, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Fortinet Multiple Products added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-24858 Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel

  • Actively exploited (CISA KEV)
  • CVSS 9.8
  • Listed on CISA KEV
  • Authentication bypass — unauthenticated access risk

Fortinet Multiple Products Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2026-23830 SandboxJS is a JavaScript sandboxing library.

  • CVSS 10
  • Remote code execution exposure

New critical Nyariv Sandboxjs Code Execution (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-14988 A security issue has been identified in ibaPDA that could allow unauthorized actions on the file...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-24858 KEV CVSS 9.8

Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-14988 CVSS 10

A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions.

CVE-2025-21589 CVSS 9.3

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-b...

CVE-2026-1483 CVSS 9.3

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabi...

CVE-2026-22039 CVSS 9.9

Kyverno is a policy engine designed for cloud native platform engineering teams.

CVE-2026-23830 CVSS 10

SandboxJS is a JavaScript sandboxing library.

CVE-2026-24736 CVSS 9.1

Squidex is an open source headless content management system and content management hub.

CVE-2026-24770 CVSS 9.8

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine.

CVE-2026-24838 CVSS 9.1

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem.

CVE-2026-24841 CVSS 9.9

Dokploy is a free, self-hostable Platform as a Service (PaaS).

View critical disclosures

cvelogic Threat Intelligence