Aug 22, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2022-31491 Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Ne...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2022-45134 Mahara Code Execution

  • CVSS 9.8
  • Remote code execution exposure

New critical Mahara Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-53499 Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API.

  • CVSS 9.8

New critical Jeewms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-31491 CVSS 10

Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote...

CVE-2022-43110 CVSS 9.8

Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system...

CVE-2022-45134 CVSS 9.8

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import.

CVE-2024-52786 CVSS 9.8

An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via...

CVE-2024-53496 CVSS 9.8

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authe...

CVE-2024-53499 CVSS 9.8

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API.

CVE-2025-26496 CVSS 9.3

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Lin...

CVE-2025-4609 CVSS 9.6

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attac...

CVE-2025-51092 CVSS 9.8

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php.

CVE-2025-55613 CVSS 9.8

Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter.

View critical disclosures

cvelogic Threat Intelligence