Exploits and vulnerabilities in Q3 2025

ID: 2d0a1b2f-8718-590c-b79c-9034b57cd613

STIX ID: report--2d0a1b2f-8718-590c-b79c-9034b57cd613

Feed Name: Securelist by Kaspersky

Threat Score: 85/100

Date Published: 2025-12-03

Date Updated: 2026-04-29

Author: Alexander Kolesnikov

Q3 2025 exploit report: the number of published CVEs rose and attackers actively exploited both legacy Office RCEs (CVE-2018-0802, CVE-2017-11882, CVE-2017-0199) and newly weaponized WinRAR directory traversal flaws (CVE-2025-6218, CVE-2025-8088). Linux kernel issues (Dirty Pipe and others) continue to be exploited for privilege escalation; critical SharePoint "ToolShell" vulnerabilities were disclosed and patched. APT cases leveraged zero-days and common C2 frameworks (Metasploit, Sliver, Mythic) for initial access and lateral movement; the report emphasizes telemetry-backed active exploitation and advises rapid patching and vulnerability management.
