CVEMediumSignal 54/100EPSS 13.9%

`CVE-2026-21509`

First Seen

Jun 2, 2026

Last Seen

Jun 3, 2026

Jun 2

First Seen

4d ago

Jun 3

Last Seen

3d ago

Reports

source reports

72%

Confidence

medium

Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

CVE

Known vulnerability being actively exploited in the wild.

MISP Category

vulnerability

EPSS Score

13.87%

EPSS Percentile

94.4th

Confidence

72%

Signal Score

54 / 100

IDS Rule

CVE Intelligence

Exploit Probability13.87%

94.4th percentile of all CVEs

Threat Context

Threat Actors1

AAPT28

Feed Intelligence Summary

2 reports72% confidence

Recorded Future Blog

Feb 24, 2026

January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day

30 IOCs in report

Synaptic Systems

Feb 3, 2026

APT28: Geofencing as a Targeting Signal (CVE-2026-21509 Campaign)

6 IOCs in report

Activity Timeline

2 total obs

Feb 24Feb 3

Threat Activity Heatmap

· Peak: 2026-02-03

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

24h

Dormant

30d

Dormant

3mo

Dormant

Threat ScoreMedium Risk

SIGNAL

Signal Score

72%

Confidence

Reports

First seenJun 2, 2026

Last seenJun 3, 2026

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

medium

First detected 4 days ago · Last seen 3 days ago

Appeared in 2 threat reports from 2 sources

Associated with: APT28

CVE-2026-21509

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`CVE-2026-21509`