Jul 7, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Synacor Zimbra Collaboration Suite (ZCS) added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2014-3931 Multi-Router Looking Glass (MRLG) Buffer Overflow

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Multi-Router Looking Glass (MRLG) Buffer Overflow is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-53529 WeGIA is a web manager for charitable institutions.

  • CVSS 9.8

New critical Wegia SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-25176 Luajit

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2019-9621 KEV

Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF)

CVE-2014-3931 KEV

Multi-Router Looking Glass (MRLG) Buffer Overflow

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-25176 CVSS 9.8

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

CVE-2024-25178 CVSS 9.1

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c.

CVE-2025-43932 CVSS 9.8

JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset d...

CVE-2025-43933 CVSS 9.8

fblog through 983bede allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depen...

CVE-2025-45065 CVSS 9.8

employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpo...

CVE-2025-45479 CVSS 9.8

Insufficient security mechanisms for created containers in educoder challenges v1.0 allow attackers to execute arbitrary code via injecti...

CVE-2025-47202 CVSS 9.1

In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1...

CVE-2025-53495 CVSS 9.1

Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affec...

CVE-2025-53499 CVSS 9.1

Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affec...

CVE-2025-53529 CVSS 9.8

WeGIA is a web manager for charitable institutions.

View critical disclosures

cvelogic Threat Intelligence