NVD disclosure day

Published threat advisories for July 22, 2025

CVE-2025-4285

Agentis SQL Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An SQL injection vulnerability in Agentis allows attackers to manipulate database queries by sending specially crafted input over the network. This could lead to unauthorized access, modification, or denial of service, impacting data integrity and confidentiality. The risk exists if Agentis is deployed and accessible.

NVD published: July 22, 2025

CVE advisoryKnown Exploit

CVE-2025-38352

Linux Kernel CPU Timer Race Condition Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A Linux kernel vulnerability allows for a race condition affecting POSIX CPU timers. This can lead to system instability and data corruption if an exiting task is concurrently managed by timer functions. Organizations should address this to mitigate business risk.

NVD published: July 22, 2025 • CISA KEV