Feb 8, 2026 Cyber Threat Intelligence

Daily summary

• Novell Netware — exploitation likelihood rose sharply (EPSS 11% → 25% · rising (+14%)).

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2010-2351 Novell Netware Buffer Overflow

• Exploitation likelihood sharply increased
• CVSS 10
• EPSS 11% → 25% · rising (+14%)

Novell Netware: EPSS 11% → 25% · rising (+14%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Emerging exploitation risk

CVE-2021-31181 Microsoft Sharepoint Enterprise Server RCE

• Exploitation likelihood sharply increased
• Remote code execution exposure
• EPSS 28% → 41% · rising (+12%)

Microsoft Sharepoint Enterprise Server: EPSS 28% → 41% · rising (+12%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-15027 The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versio...

• CVSS 9.8
• Internet-facing CMS deployments affected

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2010-2351 EPSS 11% → 25% · rising (+14%) CVSS 10

Novell Netware Buffer Overflow

CVE-2021-31181 EPSS 28% → 41% · rising (+12%) CVSS 8.8

Microsoft Sharepoint Enterprise Server RCE

CVE-2022-48107 EPSS 9.8% → 22% · rising (+12%) CVSS 9.8

Dlink Dir 878 Firmware Command Injection

See EPSS increases

New critical disclosures

CVE-2025-15027 CVSS 9.8

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03.

View critical disclosures