Mar 4, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
VMware ESXi and Workstation: 3 CVEs added to CISA KEV today.
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2025-22224
VMware ESXi and Workstation TOCTOU Race Condition
Actively exploited (CISA KEV)
Listed on CISA KEV
VMware ESXi and Workstation Out-of-Bounds Write is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVSS 10
Remote code execution exposure
New critical Uniguest Tripleplay RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVSS 10
Remote code execution exposure
New critical Uniguest Tripleplay RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
VMware ESXi and Workstation TOCTOU Race Condition
VMware ESXi Arbitrary Write
VMware ESXi, Workstation, and Fusion Information Disclosure
Linux Kernel Use of Uninitialized Resource
Exploitation dynamics
Nothing flagged in this category for this digest.
New critical disclosures
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary cod...
Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary cod...
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
Edimax IC-7100 IP Camera OS Command Injection
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path...
Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username
A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.
FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments.
The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration.
conda-forge-metadata provides programmatic access to conda-forge's metadata.
cvelogic
Threat Intelligence