Summary: Two zero-day vulnerabilities in Craft CMS were exploited in ongoing attacks to breach servers and steal data. The vulnerabilities are a remote code execution flaw (CVE-2025-32432) and an input validation flaw in the Yii framework (CVE-2024-58136). Both have been fixed in recent updates, but administrators are advised to take precautionary security measures if compromise is suspected.
Affected: Craft CMS
Key points:
- A remote code execution flaw (CVE-2025-32432) and an input validation flaw (CVE-2024-58136) were exploited in attacks.
- Attackers used these vulnerabilities to upload a PHP file manager and exfiltrate data.
- Craft CMS recommends refreshing security keys, rotating database credentials, and implementing user password resets.