May 7, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • GeoVision Multiple Devices: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-11120 GeoVision Devices OS Command Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

GeoVision Multiple Devices Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-46828 WeGIA is a web manager for charitable institutions.

  • CVSS 10

New critical Wegia SQL Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-20188 New critical Cisco Ios Xe exposure disclosed.

  • CVSS 10
  • Network edge / SD-WAN deployments affected

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-20188 CVSS 10

New critical Cisco Ios Xe exposure disclosed.

CVE-2025-2775 CVSS 9.3

SysAid On-Prem Improper Restriction of XML External Entity Reference

CVE-2025-2776 CVSS 9.3

SysAid On-Prem Improper Restriction of XML External Entity Reference

CVE-2025-2777 CVSS 9.3

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing fu...

CVE-2025-3476 CVSS 9.4

Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager.

CVE-2025-36546 CVSS 9.2

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enable...

CVE-2025-4104 CVSS 9.8

The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fe...

CVE-2025-46828 CVSS 10

WeGIA is a web manager for charitable institutions.

CVE-2025-47549 CVSS 9.1

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to...

CVE-2025-47657 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Productive Minds Productive Commerc...

View critical disclosures

cvelogic Threat Intelligence