Apr 23, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Marimo added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-39987 Marimo Remote Code Execution

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Marimo RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2026-33819 Microsoft Bing Deserialization

  • CVSS 10

New critical Microsoft Bing Deserialization (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2026-35431 Microsoft Entra ID SSRF

  • CVSS 10

New critical Microsoft Entra ID SSRF (CVSS 10): fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2026-27843 CVSS 9.2

A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without...

CVE-2026-33102 CVSS 9.3

URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-33819 CVSS 10

Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.

CVE-2026-35431 CVSS 10

Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over...

CVE-2026-35503 CVSS 9.3

New critical SenseLive X3500 Firmware exposure disclosed.

CVE-2026-39462 CVSS 9.3

A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper h...

CVE-2026-40620 CVSS 9.3

New critical SenseLive X3500 Firmware privilege escalation disclosed.

CVE-2026-40630 CVSS 9.3

New critical SenseLive X3500 Firmware exposure disclosed.

CVE-2026-41274 CVSS 9.3

Flowise is a drag & drop user interface to build a customized large language model flow.

cvelogic Threat Intelligence