Apr 23, 2026 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Marimo added to CISA KEV — confirmed in-the-wild exploitation.
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2026-39987
Marimo Remote Code Execution
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Remote code execution exposure
Marimo RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2026-33819
Microsoft Bing Deserialization
New critical Microsoft Bing Deserialization (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Microsoft Entra Id SSRF (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Marimo Remote Code Execution
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without...
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.
Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over...
New critical Senselive X3500 Firmware exposure disclosed.
A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper h...
New critical Senselive X3500 Firmware privilege escalation disclosed.
New critical Senselive X3500 Firmware exposure disclosed.
Flowise is a drag & drop user interface to build a customized large language model flow.
View critical disclosures
cvelogic
Threat Intelligence