May 1, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Linux Kernel added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2026-31431 Linux Kernel Incorrect Resource Transfer Between Spheres

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2026-37541 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005.

  • CVSS 10

New critical Openvehicles Open Vehicle Monitoring System Firmware Buffer Overflow (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2026-37531 Linuxfoundation Automotive Grade Linux Directory Traversal

  • CVSS 9.8

New critical Linuxfoundation Automotive Grade Linux Directory Traversal (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2026-31431 KEV

Linux Kernel Incorrect Resource Transfer Between Spheres

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2026-37531 CVSS 9.8

AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-...

CVE-2026-37534 CVSS 9.8

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Tra...

CVE-2026-37539 CVSS 9.8

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in funct...

CVE-2026-37541 CVSS 10

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005.

CVE-2026-42472 CVSS 9.8

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17.

CVE-2026-42473 CVSS 9.8

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17.

CVE-2026-43011 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25...

CVE-2026-43037 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the...

CVE-2026-43038 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko...

CVE-2026-43039 CVSS 9.8

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC...

View critical disclosures

cvelogic Threat Intelligence