Sep 22, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2025-59528 Flowise is a drag & drop user interface to build a customized large language model flow.

  • CVSS 10
  • Remote code execution exposure

New critical Flowiseai Flowise RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-56074 Phpgurukul Park Ticketing Management System SQL Injection

  • CVSS 9.8

New critical Phpgurukul Park Ticketing Management System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-57432 Blackmagicdesign Web Presenter 4k Firmware

  • CVSS 9.8

New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-35042 CVSS 9.3

Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation.

CVE-2025-56074 CVSS 9.8

A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management Sy...

CVE-2025-57432 CVSS 9.8

Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts unauthenticated commands.

CVE-2025-57437 CVSS 9.8

The Blackmagic Web Presenter HD firmware version 3.3 exposes sensitive information via an unauthenticated Telnet service on port 9977.

CVE-2025-57441 CVSS 9.8

The Blackmagic ATEM Mini Pro 2.7 exposes sensitive device and stream configuration information via an unauthenticated Telnet service on p...

CVE-2025-57601 CVSS 9.8

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username `proxyuser` for remote terminal access to all managed Io...

CVE-2025-57602 CVSS 9.8

Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH p...

CVE-2025-58255 CVSS 9.6

Cross-Site Request Forgery (CSRF) vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This is...

CVE-2025-59434 CVSS 9.6

Flowise is a drag & drop user interface to build a customized large language model flow.

CVE-2025-59528 CVSS 10

Flowise is a drag & drop user interface to build a customized large language model flow.

View critical disclosures

cvelogic Threat Intelligence