Apr 16, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • SonicWall SMA100 Appliances added to CISA KEV — confirmed in-the-wild exploitation.
  • Phpmyfaq: public exploit or PoC linked (privilege escalation)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2021-20035 SonicWall SMA100 Appliances OS Command Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

SonicWall SMA100 Appliances Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2020-5509 Phpgurukul Car Rental Portal RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Phpgurukul Car Rental Portal RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-32433 Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function

  • CVSS 10
  • Remote code execution exposure

New critical Erlang/OTP RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

CVE-2024-23733 Exploit

The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remo...

CVE-2024-55889 Exploit

phpMyFAQ is an open source FAQ web application.

CVE-2024-48846 Exploit

Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system setti...

CVE-2024-42327 Exploit

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this...

CVE-2024-11392 Exploit

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability.

CVE-2024-46278 Exploit

Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.

CVE-2024-0399 Exploit

The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL...

CVE-2024-0566 Exploit

The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, le...

CVE-2022-46945 Exploit

Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.

CVE-2023-26602 Exploit

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonst...

CVE-2022-4407 Exploit

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.

CVE-2022-41358 Exploit

A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or H...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-55371 CVSS 9.8

Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by u...

CVE-2024-55372 CVSS 9.8

Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database...

CVE-2025-0756 CVSS 9.1

Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is...

CVE-2025-27540 CVSS 9.3

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2).

CVE-2025-29708 CVSS 9.8

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services.

CVE-2025-29709 CVSS 9.8

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio.

CVE-2025-31201 CVSS 9.8

Apple Multiple Products Arbitrary Read and Write

CVE-2025-31340 CVSS 9.9

A improper control of filename for include/require statement in PHP program vulnerability in the retrieve course Information function of...

CVE-2025-32433 CVSS 10

Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function

View critical disclosures

cvelogic Threat Intelligence