Apr 14, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Openpanel: public exploit or PoC linked (Directory Traversal)
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2019-19245 Napc Xinet Elegant 6 Asset Library SQL Injection

  • Public exploit or PoC available
  • Exploit activity linked

Napc Xinet Elegant 6 Asset Library SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2024-11954 A vulnerability classified as problematic was found in Pimcore 11.4.2.

  • Public exploit or PoC available
  • Exploit activity linked

Pimcore cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-1782 In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanit...

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2024-53537 Exploit

An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager.

CVE-2024-53582 Exploit

An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory t...

CVE-2024-53584 Exploit

OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.

CVE-2024-11954 Exploit

A vulnerability classified as problematic was found in Pimcore 11.4.2.

CVE-2024-11956 Exploit

A vulnerability, which was classified as critical, has been found in Pimcore customer-data-framework up to 4.2.0.

CVE-2024-47605 Exploit

silverstripe-asset-admin is a silverstripe assets gallery for asset management.

CVE-2024-48760 Exploit

An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function.

CVE-2024-50857 Exploit

The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS).

CVE-2024-50858 Exploit

Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF).

CVE-2024-50859 Exploit

The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS.

CVE-2024-50861 Exploit

The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS.

CVE-2019-19245 Exploit

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-1782 CVSS 9.9

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misuse...

CVE-2025-22371 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SicommNet BASEC (SaaS Service) logi...

CVE-2025-22372 CVSS 9.3

Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery.

CVE-2025-24797 CVSS 9.4

Meshtastic is an open source mesh networking solution.

Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub.

CVE-2025-32931 CVSS 9.1

DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is used, allows authenticated administrators to execute arbitrary OS command...

View critical disclosures

cvelogic Threat Intelligence