Jan 29, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Ivanti Endpoint Manager Mobile (EPMM) added to CISA KEV — confirmed in-the-wild exploitation.
  • Applied Watch Technologies Applied Watch Command Center — exploitation likelihood rose sharply (EPSS 4.1% → 20% · rising (+16%)).
  • 7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-1281 Ivanti Endpoint Manager Mobile (EPMM) Code Injection

  • Actively exploited (CISA KEV)
  • CVSS 9.8
  • Listed on CISA KEV
  • Remote code execution exposure

Ivanti Endpoint Manager Mobile (EPMM) RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Emerging exploitation risk

CVE-2003-0974 Applied Watch Technologies Applied Watch Command Center

  • Exploitation likelihood sharply increased
  • EPSS 4.1% → 20% · rising (+16%)

Applied Watch Technologies Applied Watch Command Center: EPSS 4.1% → 20% · rising (+16%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-69929 N3uron Web User Interface privilege escalation

  • CVSS 9.8
  • Potential privilege escalation to admin/root

New critical N3uron Web User Interface privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-1281 KEV CVSS 9.8

Ivanti Endpoint Manager Mobile (EPMM) Code Injection

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2003-0974 EPSS 4.1% → 20% · rising (+16%) CVSS 7.5

Applied Watch Technologies Applied Watch Command Center

CVE-2009-0885 EPSS 39% → 51% · rising (+11%) CVSS 9.3

Mediacommands Media Commands Buffer Overflow

CVE-2003-0128 EPSS 24% → 35% · rising (+10%) CVSS 5

Ximian Evolution Buffer Overflow

See EPSS increases

New critical disclosures

CVE-2020-37012 CVSS 9.3

Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands th...

CVE-2025-69929 CVSS 9.8

An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on th...

CVE-2026-1340 CVSS 9.8

Ivanti Endpoint Manager Mobile (EPMM) Code Injection

CVE-2026-1453 CVSS 9.3

A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create...

CVE-2026-22806 CVSS 9.1

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing.

CVE-2026-25047 CVSS 9.4

deepHas provides a test for the existence of a nested object key and optionally returns that key.

View critical disclosures

cvelogic Threat Intelligence