{
	"id": "c04219ed-7352-412a-8059-cf5c763b22ad",
	"created_at": "2026-04-06T00:21:05.759612Z",
	"updated_at": "2026-04-10T03:20:30.769985Z",
	"deleted_at": null,
	"sha1_hash": "7f8c2cfdd2fa320261fdba41b57ec1a152c03561",
	"title": "Flashpoint Weekly Vulnerability Insights and Prioritization Report",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1338682,
	"plain_text": "Flashpoint Weekly Vulnerability Insights and Prioritization Report\r\nBy Flashpoint Intel Team\r\nPublished: 2025-12-31 · Archived: 2026-04-05 20:00:39 UTC\r\nPosts Flashpoint Weekly Vulnerability Insights and Prioritization Report\r\nBlog\r\nWeek of December 20 – December 26, 2025\r\nAnticipate, contextualize, and prioritize vulnerabilities to effectively address threats to your organization.\r\n Table Of Contents\r\nFlashpoint’s VulnDB™️ documents over 400,000 vulnerabilities and has over 6,000 entries in Flashpoint’s KEV database,\r\nmaking it a critical resource as vulnerability exploitation rises. However, if your organization is relying solely on CVE data,\r\nyou may be missing critical vulnerability metadata and insights that hinder timely remediation. That’s why we created this\r\nweekly series—where we surface and analyze the most high priority vulnerabilities security teams need to know about.\r\nKey Vulnerabilities:\r\nWeek of December 20 – December 26, 2025\r\nFoundational Prioritization\r\nOf the vulnerabilities Flashpoint published this week, there are 34 that you can take immediate action on. They each have a\r\nsolution, a public exploit exists, and are remotely exploitable. As such, these vulnerabilities are a great place to begin your\r\nprioritization efforts.\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 1 of 11\n\nDiving Deeper – Urgent Vulnerabilities\r\nOf the vulnerabilities Flashpoint published last week, four are highlighted in this week’s Vulnerability Insights and\r\nPrioritization Report because they contain one or more of the following criteria:\r\nAre in widely used products and are potentially enterprise-affecting\r\nAre exploited in the wild or have exploits available\r\nAllow full system compromise\r\nCan be exploited via the network alone or in combination with other vulnerabilities\r\nHave a solution to take action on\r\nIn addition, all of these vulnerabilities are easily discoverable and therefore should be investigated and fixed immediately.\r\nTo proactively address these vulnerabilities and ensure comprehensive coverage beyond publicly available sources on an\r\nongoing basis, organizations can leverage Flashpoint Vulnerability Intelligence. Flashpoint provides comprehensive\r\ncoverage encompassing IT, OT, IoT, CoTs, and open-source libraries and dependencies. It catalogs over 100,000\r\nvulnerabilities that are not included in the NVD or lack a CVE ID, ensuring thorough coverage beyond publicly available\r\nsources. The vulnerabilities that are not covered by the NVD do not yet have CVE ID assigned and will be noted with a\r\nVulnDB ID.\r\nCVE\r\nID\r\nTitle\r\nCVSS\r\nScores\r\n(v2,\r\nv3,\r\nv4)\r\nExploit\r\nStatus\r\nExploit\r\nConsequence\r\nRansomware\r\nLikelihood\r\nScore\r\nSocial\r\nRisk\r\nScore\r\nSolu\r\nAva\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 2 of 11\n\nCVE-2025-\r\n33222\r\nNVIDIA Isaac Launchable Unspecified\r\nHardcoded Credentials\r\n5.0\r\n9.8\r\n9.3\r\nPrivate\r\nCredential\r\nDisclosure\r\nHigh Low Yes\r\nCVE-2025-\r\n33223\r\nNVIDIA Isaac Launchable Unspecified\r\nImproper Execution Privileges Remote\r\nCode Execution\r\n10.0\r\n9.8\r\n9.3\r\nPrivate\r\nRemote Code\r\nExecution\r\nHigh Low Yes\r\nCVE-2025-\r\n68613\r\nn8n Package for Node.js\r\npackages/workflow/src/expression-evaluator-proxy.ts Workflow Expression\r\nEvaluation Remote Code Execution\r\n9.0\r\n9.9\r\n9.4\r\nPublic\r\nRemote Code\r\nExecution\r\nHigh High Yes\r\nCVE-2025-\r\n14847\r\nMongoDB\r\ntransport/message_compressor_zlib.cpp\r\nZlibMessageCompressor::decompressData()\r\nFunction Zlib Compressed Protocol Header\r\nHandling Remote Uninitialized Memory\r\nDisclosure (Mongobleed)\r\n10.0\r\n9.8\r\n9.3\r\nPublic\r\nUninitialized\r\nMemory\r\nDisclosure\r\nHigh High Yes\r\nScores as of: December 30, 2025\r\nNOTES: The severity of a given vulnerability score can change whenever new information becomes\r\navailable. Flashpoint maintains its vulnerability database with the most recent and relevant information\r\navailable. Login to view more vulnerability metadata and for the most up-to-date information.\r\nCVSS scores: Our analysts calculate, and if needed, adjust NVD’s original CVSS scores based on new\r\ninformation being available.\r\nSocial Risk Score: Flashpoint estimates how much attention a vulnerability receives on social media.\r\nIncreased mentions and discussions elevate the Social Risk Score, indicating a higher likelihood of\r\nexploitation. The score considers factors like post volume and authors, and decreases as the vulnerability’s\r\nrelevance diminishes.\r\nRansomware Likelihood: This score is a rating that estimates the similarity between a vulnerability and\r\nthose known to be used in ransomware attacks. As we learn more information about a vulnerability (e.g.\r\nexploitation method, technology affected) and uncover additional vulnerabilities used in ransomware attacks,\r\nthis rating can change.\r\nFlashpoint Ignite lays all of these components out. Below is an example of what this vulnerability record for CVE-2025-\r\n33223 looks like.\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 3 of 11\n\nThis record provides additional metadata like affected product versions, MITRE ATT\u0026CK mapping, analyst\r\nnotes, solution description, classifications, vulnerability timeline and exposure metrics, exploit references and\r\nmore.\r\nBelow, Flashpoint analysts describe the five vulnerabilities highlighted above as vulnerabilities that should be of focus for\r\nremediation if your organization is exposed.\r\nCVE-2025-33222\r\nNVIDIA Isaac Launchable contains a flaw that is triggered by the use of unspecified hardcoded credentials. This may allow\r\na remote attacker to trivially gain privileged access to the program.\r\nCVE-2025-33223\r\nNVIDIA Isaac Launchable contains an unspecified flaw that is triggered as certain activities are executed with unnecessary\r\nprivileges. This may allow a remote attacker to potentially execute arbitrary code.\r\nCVE-2025-68613\r\nn8n Package for Node.js contains a flaw in packages/workflow/src/expression-evaluator-proxy.ts that is triggered as\r\nworkflow expressions are evaluated in an improperly isolated execution context. This may allow an authenticated, remote\r\nattacker to execute arbitrary code with the privileges of the n8n process.\r\nCVE-2025-14847\r\nMongoDB contains a flaw in the ZlibMessageCompressor::decompressData() function in\r\nmongo/transport/message_compressor_zlib.cpp that is triggered when handling mismatched length fields in Zlib compressed\r\nprotocol headers. This may allow a remote attacker to disclose uninitialized memory contents on the heap.\r\nPreviously Highlighted Vulnerabilities\r\nCVE/VulnDB ID Flashpoint Published Date\r\nCVE-2025-21218 Week of January 15, 2025\r\nCVE-2024-57811 Week of January 15, 2025\r\nCVE-2024-55591 Week of January 15, 2025\r\nCVE-2025-23006 Week of January 22, 2025\r\nCVE-2025-20156 Week of January 22, 2025\r\nCVE-2024-50664 Week of January 22, 2025\r\nCVE-2025-24085 Week of January 29, 2025\r\nCVE-2024-40890 Week of January 29, 2025\r\nCVE-2024-40891 Week of January 29, 2025\r\nVulnDB ID: 389414 Week of January 29, 2025\r\nCVE-2025-25181 Week of February 5, 2025\r\nCVE-2024-40890 Week of February 5, 2025\r\nCVE-2024-40891 Week of February 5, 2025\r\nCVE-2024-8266 Week of February 12, 2025\r\nCVE-2025-0108 Week of February 12, 2025\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 4 of 11\n\nCVE-2025-24472 Week of February 12, 2025\r\nCVE-2025-21355 Week of February 24, 2025\r\nCVE-2025-26613 Week of February 24, 2025\r\nCVE-2024-13789 Week of February 24, 2025\r\nCVE-2025-1539 Week of February 24, 2025\r\nCVE-2025-27364 Week of March 3, 2025\r\nCVE-2025-27140 Week of March 3, 2025\r\nCVE-2025-27135 Week of March 3, 2025\r\nCVE-2024-8420 Week of March 3, 2025\r\nCVE-2024-56196 Week of March 10, 2025\r\nCVE-2025-27554 Week of March 10, 2025\r\nCVE-2025-22224 Week of March 10, 2025\r\nCVE-2025-1393 Week of March 10, 2025\r\nCVE-2025-24201 Week of March 17, 2025\r\nCVE-2025-27363 Week of March 17, 2025\r\nCVE-2025-2000 Week of March 17, 2025\r\nCVE-2025-27636\r\nCVE-2025-29891\r\nWeek of March 17, 2025\r\nCVE-2025-1496\r\nWeek of March 24, 2025\r\nCVE-2025-27781 Week of March 24, 2025\r\nCVE-2025-29913 Week of March 24, 2025\r\nCVE-2025-2746 Week of March 24, 2025\r\nCVE-2025-29927 Week of March 24, 2025\r\nCVE-2025-1974 CVE-2025-2787 Week of March 31, 2025\r\nCVE-2025-30259 Week of March 31, 2025\r\nCVE-2025-2783 Week of March 31, 2025\r\nCVE-2025-30216 Week of March 31, 2025\r\nCVE-2025-22457 Week of April 2, 2025\r\nCVE-2025-2071 Week of April 2, 2025\r\nCVE-2025-30356 Week of April 2, 2025\r\nCVE-2025-3015 Week of April 2, 2025\r\nCVE-2025-31129 Week of April 2, 2025\r\nCVE-2025-3248 Week of April 7, 2025\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 5 of 11\n\nCVE-2025-27797 Week of April 7, 2025\r\nCVE-2025-27690 Week of April 7, 2025\r\nCVE-2025-32375 Week of April 7, 2025\r\nVulnDB ID: 398725 Week of April 7, 2025\r\nCVE-2025-32433 Week of April 12, 2025\r\nCVE-2025-1980 Week of April 12, 2025\r\nCVE-2025-32068 Week of April 12, 2025\r\nCVE-2025-31201 Week of April 12, 2025\r\nCVE-2025-3495 Week of April 12, 2025\r\nCVE-2025-31324 Week of April 17, 2025\r\nCVE-2025-42599 Week of April 17, 2025\r\nCVE-2025-32445 Week of April 17, 2025\r\nVulnDB ID: 400516 Week of April 17, 2025\r\nCVE-2025-22372 Week of April 17, 2025\r\nCVE-2025-32432 Week of April 29, 2025\r\nCVE-2025-24522 Week of April 29, 2025\r\nCVE-2025-46348 Week of April 29, 2025\r\nCVE-2025-43858 Week of April 29, 2025\r\nCVE-2025-32444 Week of April 29, 2025\r\nCVE-2025-20188 Week of May 3, 2025\r\nCVE-2025-29972 Week of May 3, 2025\r\nCVE-2025-32819 Week of May 3, 2025\r\nCVE-2025-27007 Week of May 3, 2025\r\nVulnDB ID: 402907 Week of May 3, 2025\r\nVulnDB ID: 405228 Week of May 17, 2025\r\nCVE-2025-47277 Week of May 17, 2025\r\nCVE-2025-34027 Week of May 17, 2025\r\nCVE-2025-47646 Week of May 17, 2025\r\nVulnDB ID: 405269 Week of May 17, 2025\r\nVulnDB ID: 406046 Week of May 19, 2025\r\nCVE-2025-48926 Week of May 19, 2025\r\nCVE-2025-47282 Week of May 19, 2025\r\nCVE-2025-48054 Week of May 19, 2025\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 6 of 11\n\nCVE-2025-41651 Week of May 19, 2025\r\nCVE-2025-20289 Week of June 3, 2025\r\nCVE-2025-5597 Week of June 3, 2025\r\nCVE-2025-20674 Week of June 3, 2025\r\nCVE-2025-5622 Week of June 3, 2025\r\nCVE-2025-5419 Week of June 3, 2025\r\nCVE-2025-33053 Week of June 7, 2025\r\nCVE-2025-5353 Week of June 7, 2025\r\nCVE-2025-22455 Week of June 7, 2025\r\nCVE-2025-43200 Week of June 7, 2025\r\nCVE-2025-27819 Week of June 7, 2025\r\nCVE-2025-49132 Week of June 13, 2025\r\nCVE-2025-49136 Week of June 13, 2025\r\nCVE-2025-50201 Week of June 13, 2025\r\nCVE-2025-49125 Week of June 13, 2025\r\nCVE-2025-24288 Week of June 13, 2025\r\nCVE-2025-6543 Week of June 21, 2025\r\nCVE-2025-3699 Week of June 21, 2025\r\nCVE-2025-34046 Week of June 21, 2025\r\nCVE-2025-34036 Week of June 21, 2025\r\nCVE-2025-34044 Week of June 21, 2025\r\nCVE-2025-7503 Week of July 12, 2025\r\nCVE-2025-6558 Week of July 12, 2025\r\nVulnDB ID: 411705 Week of July 12, 2025\r\nVulnDB ID: 411704 Week of July 12, 2025\r\nCVE-2025-6222 Week of July 12, 2025\r\nCVE-2025-54309 Week of July 18, 2025\r\nCVE-2025-53771 Week of July 18, 2025\r\nCVE-2025-53770 Week of July 18, 2025\r\nCVE-2025-54122 Week of July 18, 2025\r\nCVE-2025-52166 Week of July 18, 2025\r\nCVE-2025-53942 Week of July 25, 2025\r\nCVE-2025-46811 Week of July 25, 2025\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 7 of 11\n\nCVE-2025-52452 Week of July 25, 2025\r\nCVE-2025-41680 Week of July 25, 2025\r\nCVE-2025-34143 Week of July 25, 2025\r\nCVE-2025-50454 Week of August 1, 2025\r\nCVE-2025-8875 Week of August 1, 2025\r\nCVE-2025-8876 Week of August 1, 2025\r\nCVE-2025-55150 Week of August 1, 2025\r\nCVE-2025-25256 Week of August 1, 2025\r\nCVE-2025-43300 Week of August 16, 2025\r\nCVE-2025-34153 Week of August 16, 2025\r\nCVE-2025-48148 Week of August 16, 2025\r\nVulnDB ID: 416058 Week of August 16, 2025\r\nCVE-2025-32992 Week of August 16, 2025\r\nCVE-2025-7775 Week of August 24, 2025\r\nCVE-2025-8424 Week of August 24, 2025\r\nCVE-2025-34159 Week of August 24, 2025\r\nCVE-2025-57819 Week of August 24, 2025\r\nCVE-2025-7426 Week of August 24, 2025\r\nCVE-2025-58367 Week of September 1, 2025\r\nCVE-2025-58159 Week of September 1, 2025\r\nCVE-2025-58048 Week of September 1, 2025\r\nCVE-2025-39247 Week of September 1, 2025\r\nCVE-2025-8857 Week of September 1, 2025\r\nCVE-2025-58321 Week of September 8, 2025\r\nCVE-2025-58366 Week of September 8, 2025\r\nCVE-2025-58371 Week of September 8, 2025\r\nCVE-2025-55728 Week of September 8, 2025\r\nCVE-2025-55190 Week of September 8, 2025\r\nVulnDB ID: 419253 Week of September 13, 2025\r\nCVE-2025-10035 Week of September 13, 2025\r\nCVE-2025-59346 Week of September 13, 2025\r\nCVE-2025-55727 Week of September 13, 2025\r\nCVE-2025-10159 Week of September 13, 2025\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 8 of 11\n\nCVE-2025-20363 Week of September 20, 2025\r\nCVE-2025-20333 Week of September 20, 2025\r\nCVE-2022-4980 Week of September 20, 2025\r\nVulnDB ID: 420451 Week of September 20, 2025\r\nCVE-2025-9900 Week of September 20, 2025\r\nCVE-2025-52906 Week of September 27, 2025\r\nCVE-2025-51495 Week of September 27, 2025\r\nCVE-2025-27224 Week of September 27, 2025\r\nCVE-2025-27223 Week of September 27, 2025\r\nCVE-2025-54875 Week of September 27, 2025\r\nCVE-2025-41244 Week of September 27, 2025\r\nCVE-2025-61928 Week of October 6, 2025\r\nCVE-2025-61882 Week of October 6, 2025\r\nCVE-2025-49844 Week of October 6 2025\r\nCVE-2025-57870 Week of October 6, 2025\r\nCVE-2025-34224 Week of October 6, 2025\r\nCVE-2025-34222 Week of October 6, 2025\r\nCVE-2025-40765 Week of October 11, 2025\r\nCVE-2025-59230 Week of October 11, 2025\r\nCVE-2025-24990 Week of October 11, 2025\r\nCVE-2025-61884 Week of October 11, 2025\r\nCVE-2025-41430 Week of October 11, 2025\r\nVulnDB ID: 424051 Week of October 18, 2025\r\nCVE-2025-62645 Week of October 18, 2025\r\nCVE-2025-61932 Week of October 18, 2025\r\nCVE-2025-59503 Week of October 18, 2025\r\nCVE-2025-43995 Week of October 18, 2025\r\nCVE-2025-62168 Week of October 18, 2025\r\nVulnDB ID: 425182 Week of October 25, 2025\r\nCVE-2025-62713 Week of October 25, 2025\r\nCVE-2025-54964 Week of October 25, 2025\r\nCVE-2024-58274 Week of October 25, 2025\r\nCVE-2025-41723 Week of October 25, 2025\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 9 of 11\n\nCVE-2025-20354 Week of November 1, 2025\r\nCVE-2025-11953 Week of November 1, 2025\r\nCVE-2025-60854 Week of November 1, 2025\r\nCVE-2025-64095 Week of November 1, 2025\r\nCVE-2025-11833 Week of November 1, 2025\r\nCVE-2025-64446 Week of November 8, 2025\r\nCVE-2025-36250 Week of November 8, 2025\r\nCVE-2025-64400 Week of November 8, 2025\r\nCVE-2025-12686 Week of November 8, 2025\r\nCVE-2025-59118 Week of November 8, 2025\r\nVulnDB ID: 426231 Week of November 8, 2025\r\nVulnDB ID: 427979 Week of November 22, 2025\r\nCVE-2025-55796 Week of November 22, 2025\r\nCVE-2025-64428 Week of November 22, 2025\r\nCVE-2025-62703 Week of November 22, 2025\r\nVulnDB ID: 428193 Week of November 22, 2025\r\nCVE-2025-65018 Week of November 22, 2025\r\nCVE-2025-54347 Week of November 22, 2025\r\nCVE-2025-55182 Week of November 29, 2025\r\nCVE-2024-14007 Week of November 29, 2025\r\nCVE-2025-66399 Week of November 29, 2025\r\nCVE-2022-35420 Week of November 29, 2025\r\nCVE-2025-66516 Week of November 29, 2025\r\nCVE-2025-59366 Week of November 29, 2025\r\nCVE-2025-14174 Week of December 6, 2026\r\nCVE-2025-43529 Week of December 6, 2026\r\nCVE-2025-8110 Week of December 6, 2026\r\nCVE-2025-59719 Week of December 6, 2026\r\nCVE-2025-59718 Week of December 6, 2026\r\nCVE-2025-14087 Week of December 6, 2026\r\nCVE-2025-62221 Week of December 6, 2026\r\nTransform Vulnerability Management with Flashpoint\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 10 of 11\n\nRequest a demo today to see how Flashpoint can transform your vulnerability intelligence, vulnerability management, and\r\nexposure identification program.\r\nRequest a demo today.\r\nSource: https://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nhttps://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/\r\nPage 11 of 11",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA",
		"Malpedia"
	],
	"references": [
		"https://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/"
	],
	"report_names": [
		"trickbot-account-checking-hybrid-attack-model"
	],
	"threat_actors": [],
	"ts_created_at": 1775434865,
	"ts_updated_at": 1775791230,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7f8c2cfdd2fa320261fdba41b57ec1a152c03561.pdf",
		"text": "https://archive.orkl.eu/7f8c2cfdd2fa320261fdba41b57ec1a152c03561.txt",
		"img": "https://archive.orkl.eu/7f8c2cfdd2fa320261fdba41b57ec1a152c03561.jpg"
	}
}