Jan 7, 2026 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

Hewlett Packard Enterprise (HPE) OneView added to CISA KEV — confirmed in-the-wild exploitation.
Sonicspot Audioactive Player — exploitation likelihood rose sharply (EPSS 10% → 28% · rising (+18%)).
10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2009-0556 Microsoft Office PowerPoint Code Injection

Actively exploited (CISA KEV)
Listed on CISA KEV

Microsoft Office Memory Corruption is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Emerging exploitation risk

CVE-2009-1815 Sonicspot Audioactive Player Buffer Overflow

Exploitation likelihood sharply increased
CVSS 9.3
EPSS 10% → 28% · rising (+18%)

Sonicspot Audioactive Player: EPSS 10% → 28% · rising (+18%) — EPSS is climbing faster than peer CVEs in this window, a leading indicator even before KEV or public exploit linkage.

Critical exposure

CVE-2025-61492 Gongrzhe Terminal-controller-mcp Command Injection

CVSS 10

New critical Gongrzhe Terminal-controller-mcp Command Injection (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2025-37164 KEV

Hewlett Packard Enterprise (HPE) OneView Code Injection

CVE-2009-0556 KEV

Microsoft Office PowerPoint Code Injection

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

CVE-2009-1815 EPSS 10% → 28% · rising (+18%) CVSS 9.3

Sonicspot Audioactive Player Buffer Overflow

CVE-2009-1644 EPSS 9.2% → 26% · rising (+17%) CVSS 9.3

Sorinara Streaming Audio Player Buffer Overflow

CVE-2009-1660 EPSS 8.1% → 23% · rising (+15%) CVSS 9.3

Urusoft Viplay3 Buffer Overflow

CVE-2009-1645 EPSS 11% → 26% · rising (+14%) CVSS 9.3

Mini-stream Easy Rm-mp3 Converter Buffer Overflow

CVE-2009-1817 EPSS 6.7% → 21% · rising (+14%) CVSS 9.3

Digimode10 Maya Buffer Overflow

CVE-2009-1674 EPSS 5.2% → 17% · rising (+12%) CVSS 9.3

Microchip Mplab Ide Buffer Overflow

See EPSS increases

New critical disclosures

CVE-2025-12543 CVSS 9.6

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications.

CVE-2025-32303 CVSS 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mojoomla WPCHURCH church-management...

CVE-2025-47552 CVSS 9.8

Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery dzs-videogallery allows Object Injection.This is...

CVE-2025-61492 CVSS 10

A command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary...

CVE-2025-69222 CVSS 9.1

LibreChat is a ChatGPT clone with additional features.

CVE-2026-0650 CVSS 9.3

OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware.

CVE-2026-21854 CVSS 9.8

The Tarkov Data Manager is a tool to manage the Tarkov item data.

CVE-2026-21855 CVSS 9.3

The Tarkov Data Manager is a tool to manage the Tarkov item data.

CVE-2026-22540 CVSS 9.2

The massive sending of ARP requests causes a denial of service on one board of the charger that allows control of the EV interfaces.

CVE-2026-22542 CVSS 9.2

An attacker with access to the system's internal network can cause a denial of service on the system by making two concurrent connections...

View critical disclosures

cvelogic Threat Intelligence