September 2025 CVE Landscape

**Executive summary:** Recorded Future's Insikt Group identified sixteen prioritized, high-impact vulnerabilities for September 2025 and documented multiple active exploitations — including a persistent bootkit and modular shellcode (RayInitiator and LINE VIPER) targeting legacy Cisco ASA devices, Sitecore ViewState deserialization exploited to deploy WEEPSTEEL/EARTHWORM/SharpHound, Adminer SSRF abuse, and linked vulnerability chains affecting WhatsApp and Apple devices — while providing Nuclei detection templates, IoCs, and remediation guidance.