Sep 17, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2025-23316 Nvidia Triton Inference Server RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Nvidia Triton Inference Server RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-59304 Swetrix RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Swetrix RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-59340 Hubspot Jinjava unsafe deserialization

  • CVSS 9.8

New critical Hubspot Jinjava unsafe deserialization (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-10156 CVSS 9.3

An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remo...

CVE-2025-10157 CVSS 9.3

A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to byp...

CVE-2025-10439 CVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yordam Informatics Yordam Library A...

CVE-2025-10643 CVSS 9.1

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability.

CVE-2025-10644 CVSS 9.4

Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability.

CVE-2025-23316 CVSS 9.8

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remo...

CVE-2025-59304 CVSS 9.8

A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote attacker to achieve Remote Code Execution v...

CVE-2025-59340 CVSS 9.8

jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates.

CVE-2025-8077 CVSS 9.8

A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the buil...

View critical disclosures

cvelogic Threat Intelligence