Jan 30, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Gv — exploitation likelihood rose sharply (EPSS 9.4% → 25% · rising (+16%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Emerging exploitation risk

CVE-2004-1717 Gv Buffer Overflow

  • Exploitation likelihood sharply increased
  • EPSS 9.4% → 25% · rising (+16%)

Gv: EPSS 9.4% → 25% · rising (+16%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Emerging exploitation risk

CVE-2002-0559 Oracle Application Server Buffer Overflow

  • Exploitation likelihood sharply increased
  • EPSS 26% → 39% · rising (+12%)

Oracle Application Server: EPSS 26% → 39% · rising (+12%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2026-1699 Eclipse Theia Website

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2004-1717 EPSS 9.4% → 25% · rising (+16%) CVSS 7.5

Gv Buffer Overflow

CVE-2002-0559 EPSS 26% → 39% · rising (+12%) CVSS 7.5

Oracle Application Server Buffer Overflow

CVE-2015-7805 EPSS 48% → 59% · rising (+11%) CVSS 9.3

Mega-nerd Libsndfile Buffer Overflow

CVE-2023-50564 EPSS 25% → 35% · rising (+10%) CVSS 8.8

Pluck-cms Pluck

See EPSS increases

New critical disclosures

CVE-2020-37027 CVSS 9.3

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands thr...

CVE-2020-37052 CVSS 9.3

AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbit...

CVE-2025-24293 CVSS 9.2

# Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image...

CVE-2025-26385 CVSS 9.5

Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command (Command Injection) Vu...

CVE-2025-51958 CVSS 9.8

aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plu...

CVE-2025-7964 CVSS 9.2

After receiving a malformed 802.15.4 MAC Data Request the Zigbee Coordinator sends a ‘network leave’ request to Zigbee router resulting i...

CVE-2026-1699 CVSS 10

In the Eclipse Theia Website repository, the GitHub Actions workflow .github/workflows/preview.yml used pull_request_target trigger while...

CVE-2026-1723 CVSS 9.2

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Com...

CVE-2026-25130 CVSS 9.6

Cybersecurity AI (CAI) is a framework for AI Security.

CVE-2026-25141 CVSS 9.3

Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification.

View critical disclosures

cvelogic Threat Intelligence