May 27, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2025-32440 NetAlertX is a network, presence scanner and alert framework.

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-48827 Vbulletin

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-41652 The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism.

  • CVSS 9.8
  • Authentication bypass — unauthenticated access risk

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-2407 CVSS 9.3

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network.

CVE-2025-32440 CVSS 10

NetAlertX is a network, presence scanner and alert framework.

CVE-2025-41651 CVSS 9.8

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, po...

CVE-2025-41652 CVSS 9.8

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism.

CVE-2025-48057 CVSS 9.3

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance...

CVE-2025-48827 CVSS 10

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when runn...

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine.

View critical disclosures

cvelogic Threat Intelligence