Jun 13, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • FreeFloat FTP Server: public exploit or PoC linked (Buffer Overflow)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2025-49113 RoundCube Webmail Deserialization of Untrusted Data

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Roundcube Webmail RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2025-5548 A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.

  • Public exploit or PoC available
  • Exploit activity linked

FreeFloat FTP Server Buffer Overflow now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2025-28386 OpenC3 COSMOS RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical OpenC3 COSMOS RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2025-5548 Exploit

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.

CVE-2025-49113 Exploit

RoundCube Webmail Deserialization of Untrusted Data

CVE-2025-24071 Exploit

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing o...

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2025-28384 CVSS 9.1

An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal.

CVE-2025-28386 CVSS 9.8

A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitr...

CVE-2025-28388 CVSS 9.8

OpenC3 COSMOS before v6.0.2 was discovered to contain hardcoded credentials for the Service Account.

CVE-2025-28389 CVSS 9.8

Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.

CVE-2025-45987 CVSS 9.8

Blink routers BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC...

CVE-2025-45988 CVSS 9.8

Blink routers BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC...

CVE-2025-46060 CVSS 9.8

Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_...

CVE-2025-49596 CVSS 9.4

The MCP inspector is a developer tool for testing and debugging MCP servers.

CVE-2025-6029 CVSS 9.4

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in KIA-branded Aftermarket...

CVE-2025-6030 CVSS 9.4

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF S...

cvelogic Threat Intelligence