NVD disclosure day

Published threat advisories for August 29, 2025

CVE advisoryKnown Exploit

CVE-2025-9377

TP-Link Router Command Execution Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

An authenticated remote command execution vulnerability impacts specific TP-Link router models. This could allow attackers to gain unauthorized control over affected devices, posing a business risk, especially as the products are end-of-life and no longer supported by the vendor.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2025-55177

WhatsApp Synchronization Vulnerability Allows Unauthorized Content Processing.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An issue within WhatsApp synchronization messages could allow an unauthorized user to trigger content processing from any URL on a target device. This poses a risk to affected organizations and their employees, as it may enable targeted attacks. The business risk involves potential unauthorized access to user data and

NVD published: • CISA KEV