Nov 14, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Fortinet FortiWeb added to CISA KEV — confirmed in-the-wild exploitation.
  • 5 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-64446 Fortinet FortiWeb Path Traversal

  • Actively exploited (CISA KEV)
  • CVSS 9.8
  • Listed on CISA KEV

Fortinet FortiWeb Path Traversal is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2025-54339 Desktopalert Pingalert Application Server privilege escalation

  • CVSS 10
  • Potential privilege escalation to admin/root

New critical Desktopalert Pingalert Application Server privilege escalation (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2025-54343 Desktopalert Pingalert Application Server privilege escalation

  • CVSS 9.6
  • Potential privilege escalation to admin/root

New critical Desktopalert Pingalert Application Server privilege escalation (CVSS 9.6) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-4470 CVSS 9.3

TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd.php endpoint.

CVE-2025-54339 CVSS 10

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 expl...

CVE-2025-54343 CVSS 9.6

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 expl...

CVE-2025-58083 CVSS 9.2

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded web server which could allow an attacker to...

View critical disclosures

cvelogic Threat Intelligence