CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

/in

A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was addressed by the

The Hacker News – ​Read More

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom ...Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom NetworksSecond Recently Patched Flaw Exploited to Hack Palo Alto Firewalls