Home
» Risk & Exploitation
» Daily threat intelligence
» Oct 15, 2025
Oct 15, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Adobe Experience Manager (AEM) Forms added to CISA KEV — confirmed in-the-wild exploitation.
WordPress plugin RCE/exploit activity: 3 CVEs flagged today.
7 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2025-54253
Adobe Experience Manager Forms Code Execution
Actively exploited (CISA KEV)
Listed on CISA KEV
Remote code execution exposure
Adobe Experience Manager (AEM) Forms RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2025-11832
Azure-access Blu-ic2 Firmware
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2025-10041
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to mi...
CVSS 9.8
Internet-facing CMS deployments affected
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Adobe Experience Manager Forms Code Execution
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesave_qr...
The OwnID Passwordless Login plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.4.
Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU-IC2, Azure Access Technology BLU-IC4 al...
F5 BIG-IP Stack-Based Buffer Overflow
Creativeitem Academy LMS up to and including 6.14 uses a hardcoded default JWT secret for token signing.
In versions before 20.0.2, it was found that --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript...
The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and...
View critical disclosures
cvelogic
Threat Intelligence