Jul 5, 2025 Cyber Threat Intelligence

Daily summary

• Oracle Application Testing Suite — exploitation likelihood rose sharply (EPSS 7.0% → 21% · rising (+14%)).

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Emerging exploitation risk

CVE-2016-0488 Oracle Application Testing Suite

• Exploitation likelihood sharply increased
• EPSS 7.0% → 21% · rising (+14%)

Oracle Application Testing Suite: EPSS 7.0% → 21% · rising (+14%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Emerging exploitation risk

CVE-2016-0487 Oracle Application Testing Suite

• Exploitation likelihood sharply increased
• EPSS 7.1% → 21% · rising (+14%)

Oracle Application Testing Suite: EPSS 7.1% → 21% · rising (+14%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

High-risk exposure

CVE-2025-26850 The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1....

• CVSS 9.3
• Potential privilege escalation to admin/root

New critical-severity CVE in today's window — elevated exposure signal, early in the lifecycle.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2016-0488 EPSS 7.0% → 21% · rising (+14%) CVSS 6.4

Oracle Application Testing Suite

CVE-2016-0487 EPSS 7.1% → 21% · rising (+14%) CVSS 6.4

Oracle Application Testing Suite

CVE-2016-0490 EPSS 6.7% → 18% · rising (+11%) CVSS 6.4

Oracle Application Testing Suite

See EPSS increases

New critical disclosures

CVE-2025-26850 CVSS 9.3

The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1.19 potentially allows privilege escalati...

View critical disclosures