Sep 12, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2025-10264 Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerabilit...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2024-45434 OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free.

  • CVSS 9.8
  • Remote code execution exposure

New critical Opensynergy Blue Sdk RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-55835 Sueamcms Project Sueamcms

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-45434 CVSS 9.8

OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free.

CVE-2025-10264 CVSS 10

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter atta...

CVE-2025-10266 CVSS 9.3

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary S...

CVE-2025-10364 CVSS 9.3

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.

CVE-2025-10365 CVSS 9.3

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.

CVE-2025-45583 CVSS 9.1

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the ser...

CVE-2025-55835 CVSS 9.8

File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering.

CVE-2025-58434 CVSS 9.8

Flowise is a drag & drop user interface to build a customized large language model flow.

CVE-2025-8699 CVSS 9.1

Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards.

CVE-2025-9556 CVSS 9.8

Langchaingo supports the use of jinja2 syntax when parsing prompts, which is in turn parsed using the gonja library v1.5.3.

View critical disclosures

cvelogic Threat Intelligence