Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
đ¨ Marked as known exploited on June 5th, 2025 (about 9 hours ago).
Description: Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. [...]
CVSS: CRITICAL (9.9)
June 5th, 2025 (about 9 hours ago)
|
CVE-2021-32030 |
đ¨ Marked as known exploited on June 2nd, 2025 (3 days ago).
Description: CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability
CVE-2023-39780Â ASUS RT-AX55 Routers OS Command Injection Vulnerability
CVE-2024-56145Â Craft CMS Code Injection Vulnerability
CVE-2025-3935Â ConnectWise ScreenConnect Improper Authentication Vulnerability
CVE-2025-35939 Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Please share your thoughts with us thro...
CVSS: CRITICAL (9.8)
June 2nd, 2025 (3 days ago)
|
|
CVE-2025-49113 |
đ¨ Marked as known exploited on June 5th, 2025 (about 9 hours ago).
Description: Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
CVSS: CRITICAL (9.9) EPSS Score: 0.66%
June 2nd, 2025 (4 days ago)
|
|
đ¨ Marked as known exploited on May 28th, 2025 (9 days ago).
Description: Meet the elite squad thatâs hunting the next major cyberattack. With more than 150 years of combined research experience and expert analysis, the Tenable Research Special Operations team arms organizations with the critical and actionable intelligence necessary to proactively defend the modern attack surface. The digital battlefield is constantly shifting. It's no longer enough to just react. We need to anticipate. Massive data breaches leave consumers exposed to identity thieves, ransomware attacks cripple hospitals, and Nation State actors disrupt critical infrastructure. It's not just about vulnerable software anymore. In our hyper-connected world, from the smart devices in your home to the complex systems running our cities, everything is a potential target. The explosion of cloud services and AI is accelerating this risk, creating countless new windows for cybercriminals and hostile nations to exploit. From software and hardware vulnerabilities, to misconfigurations, compromised identities, overexposed and highly privileged environments, and publicly accessible databases, the threat landscape is everywhere, all at once. As of October 2024, over 240,000 Common Vulnerabilities and Exposures (CVEs) have been tracked through the MITRE CVE program, including many that have significantly impacted consumers, businesses and governments. The volume has historically been too much for security teams to keep up with. Beyond the sheer increase in the volume of traditional vulnerab...
CVSS: CRITICAL (9.6) EPSS Score: 8.83%
May 28th, 2025 (9 days ago)
|
|
đ¨ Marked as known exploited on May 23rd, 2025 (14 days ago).
Description: Learn about CVE-2025-3248 affecting Langflow. Patch now to prevent remote code execution.
CVSS: CRITICAL (9.8)
May 23rd, 2025 (14 days ago)
|
|
CVE-2025-32756 |
đ¨ Marked as known exploited on May 14th, 2025 (22 days ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-32756 Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: CRITICAL (9.6) EPSS Score: 8.83%
May 14th, 2025 (22 days ago)
|
|
đ¨ Marked as known exploited on May 14th, 2025 (22 days ago).
Description: Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild.
The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw.
"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to
CVSS: CRITICAL (9.8) EPSS Score: 61.25%
May 14th, 2025 (22 days ago)
|
|
đ¨ Marked as known exploited on May 14th, 2025 (22 days ago).
Description: Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.BackgroundOn May 13th, Fortinet published a security advisory (FG-IR-25-254) for CVE-2025-32756, a critical arbitrary code execution vulnerability affecting multiple Fortinet products.CVEDescriptionCVSSv3CVE-2025-32756An arbitrary code execution vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera9.6AnalysisCVE-2025-32756 is an arbitrary code execution vulnerability affecting multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera. A remote unauthenticated attacker can send crafted HTTP requests in order to create a stack-based overflow condition which would allow for the execution of arbitrary code. This vulnerability was discovered by the Fortinet Product Security Team who observed threat activity involving a device running FortiVoice.According to Fortinet, the threat actors operations included scanning the network, erasing system crashlogs and enabling âfcgi debuggingâ which is used to log authentication attempts, including SSH logins. The âfcgi debuggingâ option is not enabled by default and the Fortinet advisory recommends reviewing the setting as one possible indicator of compromise (IoC).Historical Exploitation of Fortinet DevicesFortinet vulnerabilities have histo...
CVSS: CRITICAL (9.6) EPSS Score: 8.83%
May 14th, 2025 (22 days ago)
|
|
CVE-2024-46506 |
đ¨ Marked as known exploited on May 13th, 2025 (23 days ago).
Description: NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php.
CVSS: CRITICAL (10.0) EPSS Score: 47.74%
May 13th, 2025 (23 days ago)
|
|
CVE-2025-32756 |
đ¨ Marked as known exploited on May 14th, 2025 (22 days ago).
Description: A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
CVSS: CRITICAL (9.6) EPSS Score: 8.83%
May 13th, 2025 (23 days ago)
|