Oct 22, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Motex LANSCOPE Endpoint Manager added to CISA KEV — confirmed in-the-wild exploitation.
  • Zohocorp Manageengine Adselfservice Plus — exploitation likelihood rose sharply (EPSS 2.5% → 21% · rising (+19%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-61932 Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2021-37423 Zohocorp Manageengine Adselfservice Plus

  • Exploitation likelihood sharply increased
  • CVSS 9.8
  • EPSS 2.5% → 21% · rising (+19%)

Zohocorp Manageengine Adselfservice Plus: EPSS 2.5% → 21% · rising (+19%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-60226 Axiomthemes White Rabbit Deserialization

  • CVSS 9.8

New critical Axiomthemes White Rabbit Deserialization (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2025-61932 KEV

Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2021-37423 EPSS 2.5% → 21% · rising (+19%) CVSS 9.8

Zohocorp Manageengine Adselfservice Plus

CVE-2021-20147 EPSS 6.9% → 18% · rising (+11%) CVSS 5.3

Zohocorp Manageengine Adselfservice Plus

See EPSS increases

New critical disclosures

CVE-2025-11957 CVSS 9

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user...

CVE-2025-60220 CVSS 9.8

Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from...

CVE-2025-60221 CVSS 9.8

Deserialization of Untrusted Data vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Object Injection.This issue a...

CVE-2025-60224 CVSS 9.8

Deserialization of Untrusted Data vulnerability in wpshuffle Subscribe to Download subscribe-to-download allows Object Injection.This iss...

CVE-2025-60225 CVSS 9.8

Deserialization of Untrusted Data vulnerability in AncoraThemes BugsPatrol bugspatrol allows Object Injection.This issue affects BugsPatr...

CVE-2025-60226 CVSS 9.8

Deserialization of Untrusted Data vulnerability in axiomthemes White Rabbit whiterabbit allows Object Injection.This issue affects White...

CVE-2025-60232 CVSS 9.8

Deserialization of Untrusted Data vulnerability in quantumcloud KBx Pro Ultimate knowledgebase-helpdesk-pro allows Object Injection.This...

CVE-2025-60238 CVSS 9.8

Deserialization of Untrusted Data vulnerability in universam UNIVERSAM universam-demo allows Object Injection.This issue affects UNIVERSA...

CVE-2025-62023 CVSS 9

Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member...

CVE-2025-62025 CVSS 9.8

Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch.This issue affects JobSearch: from n/a through < 3.0.8.

View critical disclosures

cvelogic Threat Intelligence