Vulnerability Report – January 2025
Introduction
This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.
It highlights the most frequently mentioned vulnerability for January 2025, based on sightings collected from various sources, including MISP, Exploit-DB, Bluesky, Mastodon, GitHub Gists, The Shadowserver Foundation, Nuclei, and more. For further details, please visit this page.
The final section focuses on exploitations observed through The Shadowserver Foundation’s honeypot network.
January at a glance
Sightings repartition per day
Repartition of all type of sightings per day for the month of January.
For more detailed information, check out the Vulnerability-Lookup dashboard:
https://vulnerability.circl.lu
Top 15 vulnerabilities of the month
Evolution per week
Week 1
Ranking
Week 2
Ranking
Insights from contributors
- Chrome Update Addresses High-Severity on CVE-2025-0291
- Stable Channel Update for Desktop Tuesday, January 7, 2025 on CVE-2025-0291
- Android security bulletin - MediaTek components
- Sonicwall vulnerabilities including critical ones
Week 3
Ranking
Insights from contributors
- Haunted by Legacy: Discovering and Exploiting Vulnerable Tunnelling Hosts
- Unit42 Threat Brief: CVE-2025-0282 and CVE-2025-0283
- 6 vulnerabilities in rsync server
Week 4
Ranking
Insights from contributors
- Proof Of Concept for CVE-2023-22527 (Confluence SSTI) - Struts2 for CVE-2023-22527
- CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
- A vulnerability report for BYD (Chinese car maker)
- Update your Yealink phones
Week 5
Ranking
Insights from contributors
Continuous exploitation
The sightings used for this analysis were collected through
The Shadowserver Foundation’s honeypot network.
Patches are available for the following three vulnerabilities!
CVE-2017-9841 - PHPUnit
CVE-2015-2051 - D-Link
On Exploit-DB.
CVE-2017-17215 - Huawei HG532
Thank you
Thank you to all the contributors and our diverse sources!
If you want to contribute to the next report, you can create your account.