CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

Updated on February 21, 2025

A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was addressed by the…

Read the rest of the story at Read More

Source: The Hacker News

November 18, 2024 Uncategorized

Beyond Compliance: The Advantage of Year...

January 2, 2025 Uncategorized

Three Russian-German Nationals Charged w...

January 20, 2025 Uncategorized

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

Related posts

Beyond Compliance: The Advantage of Year...

Three Russian-German Nationals Charged w...

Unsecured Tunneling Protocols Expose 4.2...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines