Apr 17, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2026-40492 SAIL is a cross-platform library for loading and saving images with support for animation, metada...

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2026-40493 SAIL is a cross-platform library for loading and saving images with support for animation, metada...

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2026-40494 SAIL is a cross-platform library for loading and saving images with support for animation, metada...

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2026-40317 CVSS 9.3

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly.

CVE-2026-40324 CVSS 9.1

Hot Chocolate is an open-source GraphQL server.

Thymeleaf is a server-side Java template engine for web and standalone environments.

Thymeleaf is a server-side Java template engine for web and standalone environments.

CVE-2026-40484 CVSS 9.1

ChurchCRM is an open-source church management system.

CVE-2026-40492 CVSS 9.8

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles.

CVE-2026-40493 CVSS 9.8

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles.

CVE-2026-40494 CVSS 9.8

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles.

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly.

CVE-2026-40582 CVSS 9.1

ChurchCRM is an open-source church management system.

View critical disclosures

cvelogic Threat Intelligence