Mar 20, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apple Multiple Products: 3 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-31277 Apple Multiple Products Buffer Overflow

  • Actively exploited; listed on CISA KEV

Apple Multiple Products Buffer Overflow is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-44722 SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2026-3584 The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,...

  • CVSS 9.8
  • Internet-facing CMS deployments affected

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2024-44722 CVSS 9.8

SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.

CVE-2026-21732 CVSS 9.6

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger an out-of-bounds write cras...

CVE-2026-22172 CVSS 9.4

OpenClaw versions prior to 2026.3.12 contain an authorization bypass vulnerability in the WebSocket connect path that allows shared-token...

CVE-2026-22898 CVSS 9.3

A missing authentication for critical function vulnerability has been reported to affect QVR Pro.

CVE-2026-24060 CVSS 9.1

Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by a...

CVE-2026-25192 CVSS 9.3

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulat...

CVE-2026-29796 CVSS 9.3

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulat...

CVE-2026-33136 CVSS 9.3

WeGIA is a web manager for charitable institutions.

CVE-2026-33186 CVSS 9.1

gRPC-Go is the Go language implementation of gRPC.

CVE-2026-3584 CVSS 9.8

The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.4.9 via the 'form_proc...

cvelogic Threat Intelligence