Apr 30, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Github Actions\/artifact: public exploit or PoC linked (Path Traversal)
  • 8 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2024-42471 actions/artifact is the GitHub ToolKit for developing GitHub Actions.

  • Public exploit or PoC available
  • Exploit activity linked

Github Actions\/artifact Path Traversal now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-30390 Microsoft Azure Machine Learning privilege escalation

  • CVSS 9.9
  • Potential privilege escalation to admin/root

New critical Microsoft Azure Machine Learning privilege escalation (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-30392 Microsoft Azure Ai Bot Service privilege escalation

  • CVSS 9.8
  • Potential privilege escalation to admin/root

New critical Microsoft Azure Ai Bot Service privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2024-42471 Exploit

actions/artifact is the GitHub ToolKit for developing GitHub Actions.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-30390 CVSS 9.9

Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

CVE-2025-30392 CVSS 9.8

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-44192 CVSS 9.8

SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.

CVE-2025-45017 CVSS 9.8

A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0.

CVE-2025-45018 CVSS 9.8

A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management Sy...

XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown.

View critical disclosures

cvelogic Threat Intelligence