Feb 4, 2026 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Fortinet FortiWeb: public exploit or PoC linked (SQL Injection)
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2025-25257
Fortinet FortiWeb SQL Injection
- Public exploit or PoC available
- Exploit activity linked
Fortinet FortiWeb SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk.
- Public exploit or PoC available
- Exploit activity linked
- Remote code execution exposure
Redis RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2026-25505
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers.
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Exploit & PoC activity
OctoPrint provides a web interface for controlling consumer 3D printers.
A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the confi...
Fortinet FortiWeb SQL Injection
Redis is an open source, in-memory database that persists on disk.
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annota...
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host`...
A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network...
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can...
Microsoft Windows NTLM Hash Disclosure Spoofing
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
Exploitation dynamics
Nothing flagged in this category for this digest.
New critical disclosures
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elev...
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex wor...
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex wor...
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers.
Group-Office is an enterprise customer relationship management and groupware tool.
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes.
JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates.
SiYuan is a personal knowledge management system.
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion.
Navidrome is an open source web-based music collection server and streamer.
cvelogic
Threat Intelligence