Jun 3, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Qualcomm Multiple Chipsets: 3 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-21479 Qualcomm Multiple Chipsets Incorrect Authorization

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Qualcomm Multiple Chipsets Memory Corruption is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-45854 /server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams.

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-32105 Sangoma Img2020 Firmware RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Sangoma Img2020 Firmware RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2025-21479 KEV

Qualcomm Multiple Chipsets Incorrect Authorization

CVE-2025-21480 KEV

Qualcomm Multiple Chipsets Incorrect Authorization

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-23097 CVSS 9.1

An issue was discovered in Samsung Mobile Processor Exynos 1380.

CVE-2025-25022 CVSS 9.6

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthentic...

CVE-2025-32105 CVSS 9.8

A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution.

CVE-2025-32106 CVSS 9.8

In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result in an unauthenticated remote user's abili...

CVE-2025-44148 CVSS 9.8

Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to execute arbitrary code via the failure.aspx...

CVE-2025-4517 CVSS 9.4

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data".

CVE-2025-45854 CVSS 10

/server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams.

CVE-2025-4797 CVSS 9.8

The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versio...

CVE-2025-48951 CVSS 9.3

Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs.

CVE-2025-49223 CVSS 9.8

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to exec...

View critical disclosures

cvelogic Threat Intelligence