Nov 28, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- OpenPLC ScadaBR added to CISA KEV — confirmed in-the-wild exploitation.
- 4 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2021-26829
OpenPLC ScadaBR Cross-site Scripting
- Actively exploited (CISA KEV)
- Listed on CISA KEV
OpenPLC ScadaBR XSS is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
High-risk exposure
CVE-2025-65112
PubNet is a self-hosted Dart & Flutter package service.
- CVSS 9.4
- Potential privilege escalation to admin/root
New high-severity Ricardoboss Pubnet Privilege Escalation — watch for exploit drops and scanner noise in the first 72 hours after disclosure.
High-risk exposure
CVE-2025-66385
Cerebrate-project Cerebrate privilege escalation
- CVSS 9.4
- Potential privilege escalation to admin/root
New high-severity Cerebrate-project Cerebrate privilege escalation — watch for exploit drops and scanner noise in the first 72 hours after disclosure.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
OpenPLC ScadaBR Cross-site Scripting
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
PubNet is a self-hosted Dart & Flutter package service.
AIS-catcher is a multi-platform AIS receiver.
OrangeHRM is a comprehensive human resource management (HRM) system.
UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a h...
View critical disclosures
cvelogic
Threat Intelligence