Apr 8, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

Ivanti Endpoint Manager Mobile (EPMM) added to CISA KEV — confirmed in-the-wild exploitation.
7-zip: public exploit or PoC linked (RCE)
10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) Code Injection

Actively exploited (CISA KEV)
Listed on CISA KEV
Remote code execution exposure

Ivanti Endpoint Manager Mobile (EPMM) RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2023-33177 Xibo is a content management system (CMS).

Public exploit or PoC available
Exploit activity linked

Xibosignage Xibo Path Traversal now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2026-39888 PraisonAI is a multi-agent teams system.

CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-1340 KEV

Ivanti Endpoint Manager Mobile (EPMM) Code Injection

View KEV additions

Exploit & PoC activity

CVE-2025-11001 Exploit

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability.

CVE-2025-64446 Exploit

Fortinet FortiWeb Path Traversal

CVE-2025-48868 Exploit

Horilla is a free and open source Human Resource Management System (HRMS).

CVE-2025-6965 Exploit

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns avai...

CVE-2025-26633 Exploit

Microsoft Windows Management Console (MMC) Improper Neutralization

CVE-2023-33177 Exploit

Xibo is a content management system (CMS).

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-52221 CVSS 9.8

Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parame...

CVE-2026-2942 CVSS 9.8

The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'proSol...

CVE-2026-31017 CVSS 9.1

A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1...

CVE-2026-3199 CVSS 9.4

CVE-2026-39860 CVSS 9

Nix is a package manager for Linux and other Unix systems.

CVE-2026-39888 CVSS 9.9

PraisonAI is a multi-agent teams system.

CVE-2026-39890 CVSS 9.8

PraisonAI is a multi-agent teams system.

CVE-2026-40035 CVSS 9.3

Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default.

CVE-2026-5874 CVSS 9.6

Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific...

CVE-2026-5902 CVSS 9.8

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to co...

View critical disclosures

cvelogic Threat Intelligence