Feb 17, 2026 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Google Chromium added to CISA KEV — confirmed in-the-wild exploitation.
- 7 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2008-0015
Microsoft Windows Video ActiveX Control Remote Code Execution
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Remote code execution exposure
Microsoft Windows RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2026-22769
Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2025-70830
A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart...
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Google Chromium CSS Use-After-Free
TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type
Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery
Microsoft Windows Video ActiveX Control Remote Code Execution
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services/WsPortalV6UpDwAxis2Impl to authenticated users to be a...
Improper Input Validation vulnerability.
A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attack...
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "for...
OpenS100 (the reference implementation S-100 viewer) prior to commit 753cf29 contains a remote code execution vulnerability via an unrest...
Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials
Glory RBG-100 recycler systems using the ISPK-08 software component contain hard-coded operating system credentials that allow remote aut...
View critical disclosures
cvelogic
Threat Intelligence