Jun 20, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Fortinet FortiOS: public exploit or PoC linked
  • SAP NetWeaver: exploitation likelihood rose sharply (EPSS 12% → 27% · rising (+16%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2024-50562 Fortinet FortiOS

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Active exploit activity

CVE-2025-47957 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2015-7241 SAP NetWeaver XXE

  • Exploitation likelihood sharply increased
  • CVSS 9.8
  • EPSS 12% → 27% · rising (+16%)

SAP NetWeaver: EPSS 12% → 27% · rising (+16%). EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2024-50562 Exploit

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and...

CVE-2025-47957 Exploit

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2025-1974 Exploit

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network...

Exploitation dynamics

CVE-2015-7241 EPSS 12% → 27% · rising (+16%) CVSS 9.8

SAP NetWeaver XXE

New critical disclosures

CVE-2025-25034 CVSS 9.3

A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper v...

CVE-2025-25037 CVSS 9.3

An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <=...

CVE-2025-25038 CVSS 9.3

An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier.

CVE-2025-34022 CVSS 9.3

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa...

CVE-2025-34024 CVSS 9.4

An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler.

CVE-2025-34029 CVSS 9.4

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler.

CVE-2025-34030 CVSS 10

An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php.

CVE-2025-44635 CVSS 9.8

There are multiple unauthorized remote command execution vulnerabilities in the H3C ER2200G2, ERG2-450W, ERG2-1200W, ERG2-1350W, NR1200W...

CVE-2025-45890 CVSS 9.8

Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter.

CVE-2025-49132 CVSS 10

Pterodactyl is a free, open-source game server management panel.

cvelogic Threat Intelligence