Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Soliton Systems K.K FileZen added to CISA KEV — confirmed in-the-wild exploitation.
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2026-25108Soliton Systems K.K FileZen OS Command Injection
Actively exploited (CISA KEV)
Listed on CISA KEV
Soliton Systems K.K FileZen Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2026-27597Enclave is a secure JavaScript sandbox designed for safe AI agent code execution.
CVSS 10
Remote code execution exposure
New critical Agentfront Enclave RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2026-27595Parse Dashboard is a standalone dashboard for managing Parse Server apps.
CVSS 9.9
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.