Aug 30, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Php Blue Dragon — exploitation likelihood rose sharply (EPSS 11% → 21% · rising (+11%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Emerging exploitation risk

CVE-2006-4962 Php Blue Dragon Directory Traversal

  • Exploitation likelihood sharply increased
  • EPSS 11% → 21% · rising (+11%)

Php Blue Dragon: EPSS 11% → 21% · rising (+11%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-54945 Sun.net Ehrd Ctms

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2009-20011 ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vuln...

  • CVSS 10
  • Potential privilege escalation to admin/root

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2006-4962 EPSS 11% → 21% · rising (+11%) CVSS 6.4

Php Blue Dragon Directory Traversal

See EPSS increases

New critical disclosures

CVE-2009-20009 CVSS 9.3

Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler.

CVE-2009-20010 CVSS 9.3

Dogfood CRM version 2.0.10 contains a remote command execution vulnerability in the spell.php script used by its mail subsystem.

CVE-2009-20011 CVSS 10

ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vulnerable to remote command execution due t...

CVE-2010-10016 CVSS 10

BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality.

CVE-2011-10032 CVSS 9.3

Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, whi...

CVE-2025-34164 CVSS 9.3

A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attac...

CVE-2025-54942 CVSS 9.3

A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote at...

CVE-2025-54943 CVSS 9.3

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unau...

CVE-2025-54945 CVSS 10

An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attacker...

CVE-2025-54946 CVSS 9.3

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQ...

View critical disclosures

cvelogic Threat Intelligence