Nov 19, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Google Chromium V8 added to CISA KEV — confirmed in-the-wild exploitation.
  • Adobe Flash Player — exploitation likelihood rose sharply (EPSS 41% → 61% · rising (+20%)).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-13223 Google Chromium V8 Type Confusion

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Emerging exploitation risk

CVE-2017-2988 Adobe Flash Player RCE

  • Exploitation likelihood sharply increased
  • Remote code execution exposure
  • EPSS 41% → 61% · rising (+20%)

Adobe Flash Player: EPSS 41% → 61% · rising (+20%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-63224 Itel Idenc Firmware Auth Bypass

  • CVSS 10
  • Authentication bypass — unauthenticated access risk

New critical Itel Idenc Firmware Auth Bypass (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2017-2988 EPSS 41% → 61% · rising (+20%) CVSS 8.8

Adobe Flash Player RCE

CVE-2007-6189 EPSS 13% → 23% · rising (+11%) CVSS 9.3

Bitdefender Online Anti-virus Scanner Buffer Overflow

See EPSS increases

New critical disclosures

CVE-2025-13315 CVSS 9.3

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw.

CVE-2025-34328 CVSS 9.3

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAd...

CVE-2025-34329 CVSS 9.3

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpo...

CVE-2025-63206 CVSS 9.8

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface, firmware versions 1.01.18 and 1.02.00, allowing...

CVE-2025-63207 CVSS 9.8

The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper auth...

CVE-2025-63210 CVSS 9.8

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass.

CVE-2025-63213 CVSS 9.8

The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code Execution (RCE) due to improper input valid...

CVE-2025-63224 CVSS 10

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices.

CVE-2025-65021 CVSS 9.1

Rallly is an open-source scheduling and collaboration tool.

CVE-2025-65095 CVSS 9.4

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

View critical disclosures

cvelogic Threat Intelligence