May 18, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Invisioncommunity: public exploit or PoC linked (RCE)

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2025-1731 Zyxel Uos privilege escalation

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Zyxel Uos privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2025-31161 CrushFTP Authentication Bypass

  • Public exploit or PoC available
  • Exploit activity linked
  • Authentication bypass — unauthenticated access risk

CrushFTP Auth Bypass now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-23123 A malicious actor with access to the management network could execute a remote code execution (RC...

  • CVSS 10
  • Remote code execution exposure

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2025-47916 Exploit

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php.

CVE-2025-1731 Exploit

An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1....

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-23123 CVSS 10

A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow...

View critical disclosures

cvelogic Threat Intelligence