Apr 15, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Ivanti Connect Secure, Policy Secure, And ZTA Gateways: public exploit or PoC linked (RCE)
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2024-10924
Really-simple-plugins Really Simple Security Auth Bypass
- Public exploit or PoC available
- Exploit activity linked
- Internet-facing CMS deployments affected
WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.
Active exploit activity
CVE-2024-48839
Abb Aspect-ent-12 Firmware RCE
- Public exploit or PoC available
- Exploit activity linked
- Remote code execution exposure
Abb Aspect-ent-12 Firmware RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2025-26927
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows...
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF).
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions.
Improper Input Validation vulnerability allows Remote Code Execution.
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unau...
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.
A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows unauthenticated attackers to reset user and admin...
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0...
common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically.
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Due to lack of server-side input validation, attackers can inject malicious JavaScript code into users personal spaces of the web portal.
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This...
Dpanel is a Docker visualization panel system which provides complete Docker management functions.
NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system.
An attacker can upload an arbitrary file instead of a plant image.
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module).
Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server.
Argo Events is an event-driven workflow automation framework for Kubernetes.
Web-Check is an all-in-one OSINT tool for analyzing any website.
Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338).
View critical disclosures
cvelogic
Threat Intelligence