Mar 31, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Cisco Smart Licensing Utility added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-20439 Cisco Smart Licensing Utility Static Credential

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Network edge / SD-WAN deployments affected

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2025-31194 An authentication issue was addressed with improved state management.

  • CVSS 9.8
  • Potential privilege escalation to admin/root

New critical Apple Macos privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-30444 A race condition was addressed with improved locking.

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-30444 CVSS 9.8

A race condition was addressed with improved locking.

CVE-2025-30452 CVSS 9.8

The issue was addressed with improved checks.

CVE-2025-30457 CVSS 9.8

This issue was addressed with improved validation of symlinks.

CVE-2025-30458 CVSS 9.8

A permissions issue was addressed with additional restrictions.

CVE-2025-30461 CVSS 9.8

An access issue was addressed with additional sandbox restrictions on the system pasteboards.

CVE-2025-30462 CVSS 9.8

A library injection issue was addressed with additional restrictions.

CVE-2025-30465 CVSS 9.8

A permissions issue was addressed with improved validation.

CVE-2025-31182 CVSS 9.8

This issue was addressed with improved handling of symlinks.

CVE-2025-31183 CVSS 9.8

The issue was addressed with improved restriction of data container access.

CVE-2025-31194 CVSS 9.8

An authentication issue was addressed with improved state management.

View critical disclosures

cvelogic Threat Intelligence