May 18, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Invisioncommunity: public exploit or PoC linked (RCE)
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2025-1731
Zyxel Uos privilege escalation
- Public exploit or PoC available
- Exploit activity linked
- Potential privilege escalation to admin/root
Zyxel Uos privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2025-31161
CrushFTP Authentication Bypass
- Public exploit or PoC available
- Exploit activity linked
- Authentication bypass — unauthenticated access risk
CrushFTP Auth Bypass now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2025-23123
A malicious actor with access to the management network could execute a remote code execution (RC...
- CVSS 10
- Remote code execution exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php.
An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1....
CrushFTP Authentication Bypass
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow...
View critical disclosures
cvelogic
Threat Intelligence