Oct 8, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

Projectsend — exploitation likelihood rose sharply (EPSS 8.9% → 83% · rising (+74%)).
7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Emerging exploitation risk

CVE-2014-9567 Projectsend

Exploitation likelihood sharply increased
EPSS 8.9% → 83% · rising (+74%)

Projectsend: EPSS 8.9% → 83% · rising (+74%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Emerging exploitation risk

CVE-2009-0182 Vuplayer Buffer Overflow

Exploitation likelihood sharply increased
EPSS 5.7% → 79% · rising (+73%)

Vuplayer: EPSS 5.7% → 79% · rising (+73%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-61913 Flowise is a drag & drop user interface to build a customized large language model flow.

CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2014-9567 EPSS 8.9% → 83% · rising (+74%) CVSS 7.5

Projectsend

CVE-2009-0182 EPSS 5.7% → 79% · rising (+73%) CVSS 8.8

Vuplayer Buffer Overflow

CVE-1999-0920 EPSS 3.5% → 74% · rising (+70%) CVSS 10

University Of Washington Imap Buffer Overflow

CVE-2010-5333 EPSS 7.2% → 77% · rising (+70%) CVSS 9.8

Integard Home Project Integard Home RCE

CVE-2014-8420 EPSS 4.1% → 74% · rising (+70%) CVSS 9

Sonicwall Analyzer

CVE-2017-11391 EPSS 13% → 81% · rising (+69%) CVSS 8.8

Trendmicro Interscan Messaging Security Virtual Appliance Command Injection

CVE-2015-1930 EPSS 1.4% → 70% · rising (+69%) CVSS 7.8

Ibm Tivoli Storage Manager Fastback Buffer Overflow

CVE-2013-4557 EPSS 2.3% → 69% · rising (+67%) CVSS 7.5

Spip

CVE-2017-11392 EPSS 6.8% → 74% · rising (+67%) CVSS 8.8

Trendmicro Interscan Messaging Security Virtual Appliance Command Injection

CVE-2016-10542 EPSS 0.3% → 66% · rising (+66%) CVSS 7.5

Ws Project Ws

See EPSS increases

New critical disclosures

CVE-2017-20201 CVSS 9.3

CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (32-bit builds) contained a malicious pre-entry-point loader that diverts execution fro...

CVE-2017-20202 CVSS 9.3

Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script.

CVE-2025-10351 CVSS 9.3

SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology.

CVE-2025-10352 CVSS 9.3

Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to c...

CVE-2025-10353 CVSS 9.3

File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform.

CVE-2025-10587 CVSS 9.8

The Community Events plugin for WordPress is vulnerable to SQL Injection via the event_category parameter in all versions up to, and incl...

CVE-2025-61913 CVSS 9.9

Flowise is a drag & drop user interface to build a customized large language model flow.

View critical disclosures

cvelogic Threat Intelligence