Mar 26, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Sitecore CMS And Experience Platform (XP): 2 CVEs added to CISA KEV today.
  • Nvidia Container Toolkit: public exploit or PoC linked (Code Execution)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2019-9874 Sitecore CMS and Experience Platform (XP) Deserialization

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Sitecore CMS And Experience Platform (XP) Deserialization is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2024-0132 Nvidia Container Toolkit Code Execution

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Nvidia Container Toolkit Code Execution now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-26004 Telesquare Tlr-2005ksh Firmware Buffer Overflow

  • CVSS 9.8

New critical Telesquare Tlr-2005ksh Firmware Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Sitecore CMS and Experience Platform (XP) Deserialization

Sitecore CMS and Experience Platform (XP) Deserialization

View KEV additions

Exploit & PoC activity

CVE-2024-0132 Exploit

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configurati...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-55964 CVSS 9.8

An issue was discovered in Appsmith before 1.52.

CVE-2025-26002 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with set...

CVE-2025-26003 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with...

CVE-2025-26004 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with s...

CVE-2025-26005 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp.

CVE-2025-26006 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest.

CVE-2025-26007 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.

CVE-2025-26008 CVSS 9.8

In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTime...

CVE-2025-26010 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.

CVE-2025-26011 CVSS 9.8

Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePas...

View critical disclosures

cvelogic Threat Intelligence