Dec 29, 2025 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • MongoDB And MongoDB Server added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2025-14847 MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Critical exposure

CVE-2025-68562 Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a...

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2025-68897

  • CVSS 9.9

New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-25181 CVSS 9.1

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary...

CVE-2024-25182 CVSS 9.8

givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.

CVE-2024-27480 CVSS 9.8

givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload.

CVE-2025-56333 CVSS 9.8

An issue in Fossorial fosrl/pangolin v.1.6.2 and before allows a remote attacker to escalate privileges via the 2FA component

CVE-2025-68562 CVSS 9.9

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue af...

CVE-2025-68706 CVSS 9.8

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13.

CVE-2025-68860 CVSS 9.8

Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile builder mobile-builder allows Authenticat...

CVE-2025-68897 CVSS 9.9

Improper Control of Generation of Code ('Code Injection') vulnerability in Mohammad I.

Frappe is a full-stack web application framework.

CVE-2025-69234 CVSS 9.1

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.

View critical disclosures

cvelogic Threat Intelligence