Mar 5, 2026 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Apple Multiple Products: 3 CVEs added to CISA KEV today.
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2021-30952
Apple Multiple Products Integer Overflow or Wraparound
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Remote code execution exposure
Apple Multiple Products RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2026-21536
Microsoft Devices Pricing Program Remote Code Execution Vulnerability
- CVSS 9.8
- Remote code execution exposure
New critical Microsoft Devices Pricing Program RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2026-28501
WWBN AVideo is an open source video platform.
New critical Wwbn Avideo SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Apple Multiple products Use-After-Free
Apple iOS and iPadOS Use-After-Free
Apple Multiple Products Integer Overflow or Wraparound
Rockwell Multiple Products Insufficient Protected Credentials
Hikvision Multiple Products Improper Authentication
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Chamilo is a learning management system.
Chamilo is a learning management system.
Microsoft Devices Pricing Program Remote Code Execution Vulnerability
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulat...
OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for all...
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32.
WWBN AVideo is an open source video platform.
WWBN AVideo is an open source video platform.
Sensitive information disclosure and manipulation due to improper authentication.
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32.
View critical disclosures
cvelogic
Threat Intelligence