Apr 3, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Nagios Log Server: public exploit or PoC linked (cross-site scripting)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2024-55963 An issue was discovered in Appsmith before 1.51.

  • Public exploit or PoC available
  • Exploit activity linked

Appsmith DoS now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2025-29471 Nagios Log Server cross-site scripting

  • Public exploit or PoC available
  • Exploit activity linked

Nagios Log Server cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2024-22611 Open-emr Openemr SQL Injection

  • CVSS 9.8

New critical Open-emr Openemr SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2025-29471 Exploit

Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload int...

CVE-2024-55963 Exploit

An issue was discovered in Appsmith before 1.51.

CVE-2025-30208 Exploit

Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10.

CVE-2024-44762 Exploit

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts.

CVE-2024-4007 Exploit

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instanc...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-22611 CVSS 9.8

OpenEMR 7.0.2 is vulnerable to SQL Injection via \openemr\library\classes\Pharmacy.class.php, \controllers\C_Pharmacy.class.php and \open...

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow

CVE-2025-26817 CVSS 9.8

Netwrix Password Secure 9.2.0.32454 allows OS command injection.

CVE-2025-26818 CVSS 9.8

Netwrix Password Secure through 9.2 allows command injection.

CVE-2025-29064 CVSS 9.8

An issue in TOTOLINK x18 v.9.1.0cu.2024_B20220329 allows a remote attacker to execute arbitrary code via the sub_410E54 function of the c...

CVE-2025-29462 CVSS 9.8

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13.

CVE-2025-29647 CVSS 9.8

SeaCMS v13.3 has a SQL injection vulnerability in the component admin_tempvideo.php.

Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key

CVE-2025-31911 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems Social Share And...

View critical disclosures

cvelogic Threat Intelligence