Apr 15, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Ivanti Connect Secure, Policy Secure, And ZTA Gateways: public exploit or PoC linked (RCE)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2024-10924 Really-simple-plugins Really Simple Security Auth Bypass

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Active exploit activity

CVE-2024-48839 Abb Aspect-ent-12 Firmware RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Abb Aspect-ent-12 Firmware RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-26927 Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2025-0282 Exploit

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow

CVE-2024-51463 Exploit

IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF).

CVE-2024-51464 Exploit

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions.

CVE-2024-48839 Exploit

Improper Input Validation vulnerability allows Remote Code Execution.

CVE-2024-48844 Exploit

Denial of Service vulnerabilities where found providing a potiential for device service disruptions.

CVE-2024-48845 Exploit

Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unau...

CVE-2024-51546 Exploit

Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.

CVE-2024-51550 Exploit

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.

CVE-2024-6516 Exploit

Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.

CVE-2024-50672 Exploit

A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows unauthenticated attackers to reset user and admin...

CVE-2024-10924 Exploit

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0...

CVE-2024-52302 Exploit

common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-24297 CVSS 9.3

Due to lack of server-side input validation, attackers can inject malicious JavaScript code into users personal spaces of the web portal.

CVE-2025-26927 CVSS 10

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This...

CVE-2025-30206 CVSS 9.8

Dpanel is a Docker visualization panel system which provides complete Docker management functions.

CVE-2025-30215 CVSS 9.6

NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system.

CVE-2025-30510 CVSS 9.3

An attacker can upload an arbitrary file instead of a plant image.

CVE-2025-30727 CVSS 9.8

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module).

CVE-2025-30967 CVSS 9.6

Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server.

CVE-2025-32445 CVSS 9.9

Argo Events is an event-driven workflow automation framework for Kubernetes.

CVE-2025-32778 CVSS 9.3

Web-Check is an all-in-one OSINT tool for analyzing any website.

CVE-2025-3495 CVSS 9.8

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338).

View critical disclosures

cvelogic Threat Intelligence