Jul 24, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Foxmail Email Server — exploitation likelihood rose sharply (EPSS 8.1% → 26% · rising (+18%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2005-0339 Foxmail Email Server Buffer Overflow

  • Exploitation likelihood sharply increased
  • CVSS 10
  • EPSS 8.1% → 26% · rising (+18%)

Foxmail Email Server: EPSS 8.1% → 26% · rising (+18%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-5243 Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-4784 Moderec Tourtella SQL Injection

  • CVSS 9.8

New critical Moderec Tourtella SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

CVE-2005-0339 EPSS 8.1% → 26% · rising (+18%) CVSS 10

Foxmail Email Server Buffer Overflow

New critical disclosures

CVE-2025-32429 CVSS 9.3

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

CVE-2025-41420 CVSS 9.6

A cross-site scripting (xss) vulnerability exists in the userLogin cancelUri parameter functionality of WWBN AVideo 14.4 and dev master c...

CVE-2025-46410 CVSS 9.6

A cross-site scripting (xss) vulnerability exists in the managerPlaylists PlaylistOwnerUsersId parameter functionality of WWBN AVideo 14....

CVE-2025-4784 CVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moderec Tourtella allows SQL Inject...

CVE-2025-4822 CVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bayraktar Solar Energies ScadaWatt...

CVE-2025-50128 CVSS 9.6

A cross-site scripting (xss) vulnerability exists in the videoNotFound 404ErrorMsg parameter functionality of WWBN AVideo 14.4 and dev ma...

CVE-2025-5243 CVSS 10

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection...

A cross-site scripting (xss) vulnerability exists in the videosList page parameter functionality of WWBN AVideo 14.4 and dev master commi...

CVE-2025-54369 CVSS 9.3

Node-SAML is a SAML library not dependent on any frameworks that runs in Node.

CVE-2025-6260 CVSS 9.3

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on...

cvelogic Threat Intelligence