Home
» Risk & Exploitation
» Daily threat intelligence
» Apr 14, 2025
Apr 14, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Openpanel: public exploit or PoC linked (Directory Traversal)
6 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2019-19245
Napc Xinet Elegant 6 Asset Library SQL Injection
Public exploit or PoC available
Exploit activity linked
Napc Xinet Elegant 6 Asset Library SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2024-11954
A vulnerability classified as problematic was found in Pimcore 11.4.2.
Public exploit or PoC available
Exploit activity linked
Pimcore cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2025-1782
In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanit...
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager.
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory t...
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.
A vulnerability classified as problematic was found in Pimcore 11.4.2.
A vulnerability, which was classified as critical, has been found in Pimcore customer-data-framework up to 4.2.0.
silverstripe-asset-admin is a silverstripe assets gallery for asset management.
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function.
The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS).
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF).
The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS.
The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS.
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when...
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misuse...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SicommNet BASEC (SaaS Service) logi...
Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery.
Meshtastic is an open source mesh networking solution.
Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub.
DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is used, allows authenticated administrators to execute arbitrary OS command...
View critical disclosures
cvelogic
Threat Intelligence