May 9, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apache Activemq: public exploit or PoC linked (DoS)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2024-21111 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Oracle Vm Virtualbox privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2024-38193 Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Microsoft Windows Privilege Escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-45885 Phpgurukul Vehicle Parking Management System SQL Injection

  • CVSS 9.8

New critical Phpgurukul Vehicle Parking Management System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2025-27533 Exploit

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ.

CVE-2025-2011 Exploit

The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions...

CVE-2025-27007 Exploit

Incorrect Privilege Assignment vulnerability in Brainstorm Force OttoKit suretriggers allows Privilege Escalation.This issue affects Otto...

CVE-2024-38193 Exploit

Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation

CVE-2024-21111 Exploit

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-28200 CVSS 9.8

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address.

CVE-2025-45513 CVSS 9.8

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter.

CVE-2025-45885 CVSS 9.8

PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms/users/login.php file.

CVE-2025-45887 CVSS 9.1

Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery (SSRF) in /api/file/getRemoteContent.

CVE-2025-46188 CVSS 9.8

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadmin_phpmyadmin.php.

CVE-2025-46189 CVSS 9.8

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id PO...

CVE-2025-46190 CVSS 9.8

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST par...

CVE-2025-46191 CVSS 9.8

Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to...

CVE-2025-46192 CVSS 9.8

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST para...

CVE-2025-46193 CVSS 9.8

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in user_proposal_up...

View critical disclosures

cvelogic Threat Intelligence