Jun 2, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Craft CMS: 2 CVEs added to CISA KEV today.
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2021-32030 ASUS Routers Improper Authentication

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Authentication bypass — unauthenticated access risk

ASUS Routers Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-49113 RoundCube Webmail Deserialization of Untrusted Data

  • CVSS 9.9
  • Remote code execution exposure

New critical Roundcube Webmail RCE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-1750 Llamaindex RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Llamaindex RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Craft CMS External Control of Assumed-Immutable Web Parameter

ConnectWise ScreenConnect Improper Authentication

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-0324 CVSS 9.4

The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.

CVE-2025-1750 CVSS 9.8

An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama/llama_index version v0.12.19.

CVE-2025-23099 CVSS 9.1

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400.

CVE-2025-37093 CVSS 9.8

An authentication bypass vulnerability exists in HPE StoreOnce Software.

CVE-2025-49113 CVSS 9.9

RoundCube Webmail Deserialization of Untrusted Data

CVE-2025-5086 CVSS 9

Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data

View critical disclosures

cvelogic Threat Intelligence