Sep 25, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Cisco Secure Firewall Adaptive Security Appliance And Secure Firewall Threat Defense: 2 CVEs added to CISA KEV today.
  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-20333 Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow

  • Actively exploited (CISA KEV)
  • CVSS 9.9
  • Listed on CISA KEV
  • Network edge / SD-WAN deployments affected

Cisco Secure Firewall Adaptive Security Appliance And Secure Firewall Threat Defense Buffer Overflow is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-59832 Horilla is a free and open source Human Resource Management System (HRMS).

  • CVSS 9.9

New critical Horilla cross-site scripting (CVSS 9.9) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-59823 Project Gardener implements the automated management and operation of Kubernetes clusters as a se...

  • CVSS 9.9
  • Potential privilege escalation to admin/root

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2025-20333 KEV CVSS 9.9

Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-36851 CVSS 9.5

Rob--W cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP request...

CVE-2025-10542 CVSS 9.8

iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog.

CVE-2025-11005 CVSS 9.3

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Com...

New critical Cisco Adaptive Security Appliance Software exposure disclosed.

CVE-2025-59823 CVSS 9.9

Project Gardener implements the automated management and operation of Kubernetes clusters as a service.

CVE-2025-59832 CVSS 9.9

Horilla is a free and open source Human Resource Management System (HRMS).

CVE-2025-59834 CVSS 9.8

ADB MCP Server is a MCP (Model Context Protocol) server for interacting with Android devices through ADB.

CVE-2025-59841 CVSS 9.8

Flag Forge is a Capture The Flag (CTF) platform.

View critical disclosures

cvelogic Threat Intelligence