CVEMediumSignal 54/100EPSS 89.7%

`CVE-2025-52691`

First Seen

Jun 2, 2026

Last Seen

Jun 3, 2026

Jun 2

First Seen

4d ago

Jun 3

Last Seen

4d ago

Reports

source reports

72%

Confidence

medium

Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

CVE

Known vulnerability being actively exploited in the wild.

MISP Category

vulnerability

EPSS Score

89.66%

EPSS Percentile

99.6th

Confidence

72%

Signal Score

54 / 100

IDS Rule

CVE Intelligence

Exploit Probability89.66%

99.6th percentile of all CVEs

Threat Context

Threat Actors2

AAPT28 HHive

Malware Families5

HHive MMedusa MMimikatz PPsExec IImpacket

Feed Intelligence Summary

2 reports72% confidence

Microsoft Threat Intelligence

Apr 6, 2026

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

25 IOCs in report

Recorded Future Blog

Feb 24, 2026

January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day

30 IOCs in report

Activity Timeline

2 total obs

Apr 6Feb 24

Threat Activity Heatmap

· Peak: 2026-02-24

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

24h

Dormant

30d

Dormant

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

72%

Confidence

Reports

First seenJun 2, 2026

Last seenJun 3, 2026

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

medium

First detected 4 days ago · Last seen 4 days ago

Appeared in 2 threat reports from 2 sources

Associated with: APT28, Hive

Used by malware: Hive, Medusa, Mimikatz, PsExec, Impacket

CVE-2025-52691

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`CVE-2025-52691`