Apr 28, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Commvault Web Server added to CISA KEV — confirmed in-the-wild exploitation.
  • 7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-1976 Broadcom Brocade Fabric OS Code Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Broadcom Brocade Fabric OS privilege escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-46661 Ipwsystems Metazo RCE

  • CVSS 10
  • Remote code execution exposure

New critical Ipwsystems Metazo RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2015-2079 Webmin Usermin RCE

  • CVSS 9.9
  • Remote code execution exposure

New critical Webmin Usermin RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Qualitia Active! Mail Stack-Based Buffer Overflow

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2015-2079 CVSS 9.9

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not...

CVE-2025-31651 CVSS 9.8

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.

CVE-2025-3200 CVSS 9.1

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted c...

CVE-2025-45947 CVSS 9.8

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php...

CVE-2025-45949 CVSS 9.8

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-pas...

CVE-2025-45953 CVSS 9.1

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change P...

CVE-2025-46661 CVSS 10

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide...

View critical disclosures

cvelogic Threat Intelligence