May 15, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • SAP NetWeaver added to CISA KEV — confirmed in-the-wild exploitation.
  • WordPress plugin RCE/exploit activity: 4 CVEs flagged today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-12987 DrayTek Vigor Routers OS Command Injection

  • Actively exploited — listed on CISA KEV

DrayTek Vigor Routers Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-6159 Pnfpb Push Notification For Post And Buddypress SQL Injection

  • CVSS 9.8
  • Internet-facing CMS deployments affected

New critical Pnfpb Push Notification For Post And Buddypress SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-6809 Quantumcloud Simple Video Directory SQL Injection

  • CVSS 9.8
  • Internet-facing CMS deployments affected

New critical Quantumcloud Simple Video Directory SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.


Exploit & PoC activity

Nothing flagged in this category for this digest.


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2024-6159 CVSS 9.8

The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before usin...

CVE-2024-6584 CVSS 9.1

The 'wp_ajax_boost_proxy_ig' action allows administrators to make GET requests to arbitrary URLs.

CVE-2024-6809 CVSS 9.8

The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL state...

CVE-2024-8673 CVSS 9.1

The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing ma...

CVE-2025-32002 CVSS 9.3

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard...

CVE-2025-4564 CVSS 9.8

The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path valid...

CVE-2025-46052 CVSS 9.8

An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensiti...

CVE-2025-47275 CVSS 9.1

Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs.

CVE-2025-47788 CVSS 9.4

Atheos is a self-hosted browser-based cloud IDE.

CVE-2025-47928 CVSS 9.1

Spotipy is a Python library for the Spotify Web API.


cvelogic Threat Intelligence