Feb 6, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Sophos CyberoamOS: 2 CVEs added to CISA KEV today.
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2020-15069
Sophos XG Firewall Buffer Overflow
Actively exploited (CISA KEV)
Listed on CISA KEV
Remote code execution exposure
Sophos XG Firewall RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2025-24786
WhoDB is an open source database management tool.
New critical Clidey Whodb Path Traversal (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2024-57430
Phpjabbers Cinema Booking System Privilege Escalation
CVSS 9.8
Potential privilege escalation to admin/root
New critical Phpjabbers Cinema Booking System Privilege Escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
7-Zip Mark of the Web Bypass
Microsoft Outlook Improper Input Validation
Dante Discovery Process Control
CyberoamOS (CROS) SQL Injection
Sophos XG Firewall Buffer Overflow
Exploitation dynamics
Nothing flagged in this category for this digest.
New critical disclosures
Tiny File Manager v2.4.7 and below is vulnerable to session fixation.
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me KW-60 R36CW_YDE_S4_A29_2_V...
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWat...
Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever KidsWatch Call Me 2 KW60 R36CW_YDE_S4_A29_2_...
A cross-site scripting (XSS) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533.
A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload...
An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate da...
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9.
WhoDB is an open source database management tool.
MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component.
cvelogic
Threat Intelligence