Home
» Risk & Exploitation
» Daily threat intelligence
» Nov 21, 2025
Nov 21, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Oracle Fusion Middleware added to CISA KEV — confirmed in-the-wild exploitation.
WordPress plugin RCE/exploit activity: 2 CVEs flagged today.
Arcserve Udp — exploitation likelihood rose sharply (EPSS 0.4% → 15% · rising (+15%)).
5 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2025-61757
Oracle Fusion Middleware Missing Authentication for Critical Function
Actively exploited (CISA KEV)
Listed on CISA KEV
Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.
Critical exposure
Exploitation likelihood sharply increased
CVSS 9.8
EPSS 0.4% → 15% · rising (+15%)
Arcserve Udp: EPSS 0.4% → 15% · rising (+15%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.
Critical exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Oracle Fusion Middleware Missing Authentication for Critical Function
View KEV additions
New critical disclosures
The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9.0.1 do not properly verify users identi...
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file...
SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in...
hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API.
md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome.
View critical disclosures
cvelogic
Threat Intelligence