Cyber Threat Digest – 2025-09-19

🔥 Known Exploited Vulnerabilities (CISA KEV)

8 exploited vulns of note.

• CVE-2025-5086 — Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability — Dassault Systèmes DELMIA Apriso (Added: 2025-09-11) — Details
• CVE-2025-38352 — Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability — Linux Kernel (Added: 2025-09-04) — Details
• CVE-2025-48543 — Android Runtime Use-After-Free Vulnerability — Android Runtime (Added: 2025-09-04) — Details
• CVE-2025-53690 — Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability — Sitecore Multiple Products (Added: 2025-09-04) — Details
• CVE-2023-50224 — TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability — TP-Link TL-WR841N (Added: 2025-09-03) — Details
• CVE-2025-9377 — TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability — TP-Link Multiple Routers (Added: 2025-09-03) — Details
• CVE-2020-24363 — TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability — TP-Link TL-WA855RE (Added: 2025-09-02) — Details
• CVE-2025-55177 — Meta Platforms WhatsApp Incorrect Authorization Vulnerability — Meta Platforms WhatsApp (Added: 2025-09-02) — Details

---

⚠️ Recent CVEs (NVD)

Latest CVEs with CVSS badges.

• CVE-2022-50375 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown lpuart_dma_shutdown tears down lpu… — Details
• CVE-2022-50376 — In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() When insert and remove the orangefs module, th… — Details
• CVE-2022-50377 — In the Linux kernel, the following vulnerability has been resolved: ext4: check and assert if marking an no_delete evicting inode dirty In ext4_evict_inode(), if we evicting an i… — Details
• CVE-2022-50378 — In the Linux kernel, the following vulnerability has been resolved: drm/meson: reorder driver deinit sequence to fix use-after-free bug Unloading the driver triggers the followin… — Details
• CVE-2022-50379 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfs_quota_enable(), aft… — Details
• CVE-2022-50380 — In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smaps_rollup: fix no vma's null-deref Commit 258f669e7e88 ("mm: /proc/pid/smaps_rollup: convert … — Details

---

📰 Security News

Top headlines from trusted sources.

• Steam will stop running on Windows 32-bit in January 2026
  — Fri, 19 Sep 2025 12:14:41 GMT
• OpenAI's $4 GPT Go plan may expand to more regions
  — Fri, 19 Sep 2025 00:30:00 GMT
• ChatGPT Search is now smarter as OpenAI takes on Google Search
  — Thu, 18 Sep 2025 23:10:00 GMT
• ChatGPT now gives you greater control over GPT-5 Thinking model
  — Thu, 18 Sep 2025 22:20:56 GMT
• UK arrests 'Scattered Spider' teens linked to Transport for London hack
  — Thu, 18 Sep 2025 14:37:12 GMT
• SystemBC malware turns infected VPS systems into proxy highway
  — Thu, 18 Sep 2025 14:35:53 GMT