Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-48929 |
🚨 Marked as known exploited on May 28th, 2025 (5 days ago).
Description: The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.0) EPSS Score: 0.05%
May 28th, 2025 (5 days ago)
|
|
CVE-2025-48928 |
🚨 Marked as known exploited on May 28th, 2025 (5 days ago).
Description: The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.0) EPSS Score: 0.01% SSVC Exploitation: none
May 28th, 2025 (5 days ago)
|
|
CVE-2025-48927 |
🚨 Marked as known exploited on May 28th, 2025 (5 days ago).
Description: The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
CVSS: MEDIUM (5.3) EPSS Score: 0.03% SSVC Exploitation: none
May 28th, 2025 (5 days ago)
|
|
CVE-2025-48926 |
🚨 Marked as known exploited on May 28th, 2025 (5 days ago).
Description: The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 28th, 2025 (5 days ago)
|
|
CVE-2025-48925 |
🚨 Marked as known exploited on May 28th, 2025 (5 days ago).
Description: The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
May 28th, 2025 (5 days ago)
|
|
CVE-2024-11182 |
🚨 Marked as known exploited on May 19th, 2025 (14 days ago).
Description: An XSS issue was discovered in
MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message
with
JavaScript in an img tag. This could
allow a remote attacker
to load arbitrary JavaScript code in the context of a webmail user's browser window.
CVSS: MEDIUM (6.1) EPSS Score: 39.83% SSVC Exploitation: active
May 19th, 2025 (14 days ago)
|
|
CVE-2025-4427 |
🚨 Marked as known exploited on May 19th, 2025 (14 days ago).
Description: CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-4427 Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
CVE-2025-4428 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE-2024-11182 MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability
CVE-2025-27920 Srimax Output Messenger Directory Traversal Vulnerability
CVE-2024-27443 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
CVE-2023-38950 ZKTeco BioTime Path Traversal Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management p...
CVSS: MEDIUM (5.3) EPSS Score: 73.05%
May 19th, 2025 (14 days ago)
|
|
🚨 Marked as known exploited on May 16th, 2025 (17 days ago).
Description: Two critical Ivanti zero-days (CVE-2025-4427 and CVE-2025-4428) are now being actively exploited after a surge in scanning activity last month. When chained together, these vulnerabilities enable unauthenticated remote code execution on Ivanti Endpoint Manager Mobile systems.
CVSS: MEDIUM (5.3) EPSS Score: 73.05%
May 16th, 2025 (17 days ago)
|
|
🚨 Marked as known exploited on May 15th, 2025 (18 days ago).
Description: Google has issued a security update for Chrome's Stable channel, addressing a high-severity vulnerability in Chrome's Loader component that has been actively exploited in the wild. The flaw, tracked under CVE-2025-4664, was publicly disclosed by security researcher ‘@slonser_‘ on May 5, 2025, through a series of technical posts on X. The exploit technique, which was …
The post Google Patches Actively Exploited Chrome Flaw Allowing Cross-Origin Data Leaks appeared first on CyberInsider.
CVSS: MEDIUM (4.3) EPSS Score: 2.43%
May 15th, 2025 (18 days ago)
|
|
CVE-2025-4664 |
🚨 Marked as known exploited on May 15th, 2025 (18 days ago).
Description: Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVSS: MEDIUM (4.3) EPSS Score: 2.43%
May 14th, 2025 (19 days ago)
|