Feb 20, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Roundcube Webmail: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-49113 RoundCube Webmail Deserialization of Untrusted Data

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Roundcube Webmail RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2021-35402 PROLiNK PRC2402M 20190909 before 2021-06-13 allows live_api.cgi?page=satellite_list OS command in...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2026-2038 GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability.

  • CVSS 9.8
  • Authentication bypass — unauthenticated access risk

New critical Gfi Archiver Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

RoundCube Webmail Deserialization of Untrusted Data

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2019-25441 CVSS 9.3

thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by su...

CVE-2021-35402 CVSS 10

PROLiNK PRC2402M 20190909 before 2021-06-13 allows live_api.cgi?page=satellite_list OS command injection via shell metacharacters in the...

CVE-2026-2038 CVSS 9.8

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability.

CVE-2026-2039 CVSS 9.8

GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability.

CVE-2026-2333 CVSS 9.2

Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2.0.4 allows Command Injection via a cr...

CVE-2026-25896 CVSS 9.3

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no ca...

CVE-2026-26722 CVSS 9.4

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via PIN com...

CVE-2026-26725 CVSS 9.8

An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 (fixed in 19.76) allows a remote attacker to escalate privileges via th...

CVE-2026-26747 CVSS 9.1

A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper handling of the HTTP Host header in app/Providers/AppService...

CVE-2026-27112 CVSS 9.4

Kargo manages and automates the promotion of software artifacts.

View critical disclosures

cvelogic Threat Intelligence