Sep 23, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Google Chromium V8 added to CISA KEV — confirmed in-the-wild exploitation.
  • WordPress plugin RCE/exploit activity: 3 CVEs flagged today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-10585 Google Chromium V8 Type Confusion

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2025-9588 Ironmountain Envision Command Injection

  • CVSS 10

New critical Ironmountain Envision Command Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-9846 Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-10147 CVSS 9.8

The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'mo...

CVE-2025-10412 CVSS 9.8

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable to arbitrary fi...

CVE-2025-26399 CVSS 9.8

SolarWinds Web Help Desk Deserialization of Untrusted Data

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem.

CVE-2025-9321 CVSS 9.8

The WPCasa plugin for WordPress is vulnerable to Code Injection in all versions up to, and including, 1.4.1.

CVE-2025-9588 CVSS 10

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Servi...

CVE-2025-9846 CVSS 10

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information Technology Industry Inc.

CVE-2025-9962 CVSS 10

A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission without prior authentication.This issue affe...

CVE-2025-9963 CVSS 9.4

A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and modify all files with root permissions.

CVE-2025-9965 CVSS 9.3

Improper authentication vulnerability in Novakon P series allows unauthenticated attackers to upload and download any application from/to...

View critical disclosures

cvelogic Threat Intelligence