May 12, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • TeleMessage TM SGNL added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-47729 TeleMessage TM SGNL Hidden Functionality

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2025-30012 SAP Supplier Relationship Management Deserialization

  • CVSS 10

New critical SAP Supplier Relationship Management deserialization flaw (CVSS 10), in a fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-44830 EngineerCMS SQL Injection

  • CVSS 9.8

New critical EngineerCMS SQL injection (CVSS 9.8), in a fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2023-49641 CVSS 9.8

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.

CVE-2025-30012 CVSS 10

The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated Java applet component, which allows an unauthent...

CVE-2025-30436 CVSS 9.1

This issue was addressed by restricting options offered on a locked device.

CVE-2025-30448 CVSS 9.1

This issue was addressed with additional entitlement checks.

CVE-2025-3659 CVSS 9.4

Improper authentication handling was identified in a set of HTTP POST requests affecting the following product families: * Digi PortServe...

CVE-2025-44022 CVSS 9.8

An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mechanism.

CVE-2025-44830 CVSS 9.8

EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface.

CVE-2025-45779 CVSS 9.8

Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.

CVE-2025-47682 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notific...

cvelogic Threat Intelligence