Sep 29, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Cisco IOS And IOS XE added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-10035 Fortra GoAnywhere MFT Deserialization of Untrusted Data

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Fortra GoAnywhere MFT Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-34216 Vasion Virtual Appliance Application

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-34218 Vasion Virtual Appliance Application

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution

Libraesva Email Security Gateway Command Injection

Fortra GoAnywhere MFT Deserialization of Untrusted Data

Sudo Inclusion of Functionality from Untrusted Control Sphere

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2025-34216 CVSS 10

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (VA dep...

CVE-2025-34218 CVSS 10

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/Saa...

CVE-2025-34221 CVSS 10

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 25.2.1518 (VA/SaaS...

CVE-2025-34222 CVSS 10

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/Saa...

CVE-2025-34223 CVSS 10

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/Saa...

CVE-2025-34224 CVSS 10

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/Saa...

CVE-2025-34234 CVSS 9.2

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS...

CVE-2025-34235 CVSS 9.5

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows...

CVE-2025-54875 CVSS 9.8

FreshRSS is a free, self-hostable RSS aggregator.

CVE-2025-57266 CVSS 9.8

An issue was discovered in file AssistantController.java in ThriveX Blogging Framework 2.5.9 thru 3.1.3 allowing unauthenticated attacker...

View critical disclosures

cvelogic Threat Intelligence