Mar 3, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Qualcomm Multiple Chipsets added to CISA KEV — confirmed in-the-wild exploitation.
  • Wegia: public exploit or PoC linked (SQL Injection)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-21385 Qualcomm Multiple Chipsets Memory Corruption

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Qualcomm Multiple Chipsets Memory Corruption is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2023-6553 Backupbliss Backup Migration RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Critical exposure

CVE-2026-28289 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework.

  • CVSS 10
  • Remote code execution exposure

New critical Freescout RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-22719 KEV

Broadcom VMware Aria Operations Command Injection

View KEV additions

Exploit & PoC activity

CVE-2025-62360 Exploit

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerabil...

CVE-2025-25198 Exploit

mailcow: dockerized is an open source groupware/email suite based on docker.

CVE-2023-6553 Exploit

The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /inc...

CVE-2023-3643 Exploit

A vulnerability was found in Boss Mini 1.4.0 Build 6221.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2026-25146 CVSS 9.6

OpenEMR is a free and open source electronic health records and medical practice management application.

CVE-2026-2590 CVSS 9.8

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Man...

CVE-2026-26266 CVSS 9.3

AliasVault is a privacy-first password manager with built-in email aliasing.

CVE-2026-26279 CVSS 9.1

Froxlor is open source server administration software.

CVE-2026-27012 CVSS 9.8

OpenSTAManager is an open source management software for technical assistance and invoicing.

CVE-2026-27971 CVSS 9.2

Qwik is a performance focused javascript framework.

CVE-2026-28289 CVSS 10

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework.

CVE-2026-3130 CVSS 9.8

Improper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and earlier allows an authenticated attacker with the delete...

CVE-2026-3204 CVSS 9.8

Improper input validation in the error message page in Devolutions Server 2025.3.16 and earlier allows remote attackers to spoof the disp...

CVE-2026-3224 CVSS 9.8

Authentication bypass in the Microsoft Entra ID (Azure AD) authentication mode in Devolutions Server 2025.3.15.0 and earlier allows an un...

View critical disclosures

cvelogic Threat Intelligence