Mar 19, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Cisco Secure Firewall Management Center (FMC) added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Network edge / SD-WAN deployments affected

Cisco Secure Firewall Management Center (FMC) Deserialization is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2026-32760 Filebrowser

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2026-32767 SiYuan is a personal knowledge management system.

  • CVSS 9.8

New critical B3log Siyuan SQL injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-20131 KEV

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2026-21992 CVSS 9.8

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracle Web Services Ma...

CVE-2026-22732 CVSS 9.1

When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP He...

CVE-2026-29103 CVSS 9.1

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application.

CVE-2026-32754 CVSS 9.3

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework.

CVE-2026-32760 CVSS 10

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory.

CVE-2026-32767 CVSS 9.8

SiYuan is a personal knowledge management system.

CVE-2026-32817 CVSS 9.1

Admidio is an open-source user management solution.

CVE-2026-32890 CVSS 9.6

Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server.

CVE-2026-32891 CVSS 9

Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server.

CVE-2026-32985 CVSS 9.3

Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import fun...

View critical disclosures

cvelogic Threat Intelligence