May 8, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • WordPress plugin RCE/exploit activity: 2 CVEs flagged today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2025-29813 Microsoft Azure Devops Auth Bypass

  • CVSS 10
  • Authentication bypass — unauthenticated access risk

New critical Microsoft Azure Devops Auth Bypass (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-29827 Microsoft Azure Automation privilege escalation

  • CVSS 9.9
  • Potential privilege escalation to admin/root

New critical Microsoft Azure Automation privilege escalation (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-29972 Microsoft Azure Storage Resource Provider SSRF

  • CVSS 9.9

New critical Microsoft Azure Storage Resource Provider SSRF (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-31585 CVSS 9.8

Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php.

CVE-2025-27720 CVSS 9.3

The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could allow an attacker to steal credentials.

CVE-2025-29813 CVSS 10

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-29827 CVSS 9.9

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.

CVE-2025-29972 CVSS 9.9

Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker to perform spoofing over a network.

CVE-2025-3810 CVSS 9.8

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2.

CVE-2025-3811 CVSS 9.8

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2.

CVE-2025-45797 CVSS 9.8

TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability.

CVE-2025-45798 CVSS 9.8

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112.

CVE-2025-47733 CVSS 9.1

Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network

View critical disclosures

cvelogic Threat Intelligence