Aug 8, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2012-10044 MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php sc...

  • CVSS 10
  • Potential privilege escalation to admin/root

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2012-10047 Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its...

  • CVSS 10
  • Remote code execution exposure

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-6573 Kernel software installed and running inside an untrusted/rich execution environment (REE) could...

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2012-10044 CVSS 10

MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script.

CVE-2012-10045 CVSS 9.3

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on th...

CVE-2012-10046 CVSS 9.3

The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in...

CVE-2012-10047 CVSS 10

Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism.

CVE-2012-10049 CVSS 9.3

WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script.

CVE-2012-10050 CVSS 9.3

CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script.

CVE-2012-10052 CVSS 9.3

EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script.

CVE-2012-10053 CVSS 9.3

Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header.

CVE-2025-54997 CVSS 9.1

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.

CVE-2025-6573 CVSS 9.8

Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execut...

View critical disclosures

cvelogic Threat Intelligence