High-risk exposure
CVE-2025-40925 Starch versions 0.14 and earlier generate session ids insecurely.
- CVSS 9.1
New critical-severity CVE in today's window — elevated exposure signal, early in the lifecycle.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
High-risk exposure
New critical-severity CVE in today's window — elevated exposure signal, early in the lifecycle.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Starch versions 0.14 and earlier generate session ids insecurely.