November 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from October

Recorded Future’s Insikt Group reports that November 2025 saw active exploitation of 10 high-impact vulnerabilities — notably two FortiWeb authentication-bypass flaws and a zero-click Samsung image-processing exploit used by the LANDFALL spyware — with seven public PoCs and widespread risk (e.g., ~4,768 exposed FortiWeb instances); the report includes technical analysis, targeted regions/devices, IOCs, mitigation steps, and Nuclei detection templates.