Cyber Threat Digest – 2025-09-16

🔥 Known Exploited Vulnerabilities (CISA KEV)

8 exploited vulns of note.

  • CVE-2025-5086 — Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability — Dassault Systèmes DELMIA Apriso (Added: 2025-09-11) — Details
  • CVE-2025-38352 — Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability — Linux Kernel (Added: 2025-09-04) — Details
  • CVE-2025-48543 — Android Runtime Use-After-Free Vulnerability — Android Runtime (Added: 2025-09-04) — Details
  • CVE-2025-53690 — Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability — Sitecore Multiple Products (Added: 2025-09-04) — Details
  • CVE-2023-50224 — TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability — TP-Link TL-WR841N (Added: 2025-09-03) — Details
  • CVE-2025-9377 — TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability — TP-Link Multiple Routers (Added: 2025-09-03) — Details
  • CVE-2020-24363 — TP-Link TL-WA855RE Missing Authentication for Critical Function Vulnerability — TP-Link TL-WA855RE (Added: 2025-09-02) — Details
  • CVE-2025-55177 — Meta Platforms WhatsApp Incorrect Authorization Vulnerability — Meta Platforms WhatsApp (Added: 2025-09-02) — Details

⚠️ Recent CVEs (NVD)

Latest CVEs with CVSS badges.

  • CVE-2022-50234 — In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files… — Details
  • CVE-2022-50235 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument … — Details
  • CVE-2022-50236 — In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec() If the system is rebooted via isr(), the IRQ handler might be t… — Details
  • CVE-2022-50239 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in som… — Details
  • CVE-2022-50240 — In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc->vma in race with munmap() In commit 720c24192404 ("ANDROID: binder: change down_w… — Details
  • CVE-2022-50241 — In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free on source server when doing inter-server copy Use-after-free occurred when the laundr… — Details

📰 Security News

Top headlines from trusted sources.
