Jun 10, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-24016 Wazuh Server Deserialization of Untrusted Data

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

Wazuh Server RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-30220 GeoServer is an open source server that allows users to share and edit geospatial data.

  • CVSS 9.9

New critical Geotools Geonetwork XXE (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-2474 Blackberry Qnx Software Development Platform Out-of-Bounds Write

  • CVSS 9.8

New critical Blackberry Qnx Software Development Platform Out-of-Bounds Write (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Microsoft Windows External Control of File Name or Path

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-1243 CVSS 9.5

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or...

CVE-2024-1244 CVSS 9.5

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC se...

CVE-2024-34711 CVSS 9.3

GeoServer is an open source server that allows users to share and edit geospatial data.

CVE-2024-57190 CVSS 9.8

Erxes <1.6.1 is vulnerable to Incorrect Access Control.

CVE-2025-2474 CVSS 9.8

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial...

CVE-2025-30220 CVSS 9.9

GeoServer is an open source server that allows users to share and edit geospatial data.

CVE-2025-36852 CVSS 9.4

A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as...

CVE-2025-40585 CVSS 9.5

A vulnerability has been identified in Energy Services (All versions with G5DFR).

CVE-2025-49455 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge WordPress-WPJobBoard...

CVE-2025-49507 CVSS 9.8

Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from...

View critical disclosures

cvelogic Threat Intelligence