CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

A severe security vulnerability affecting OSGeo GeoServer, tracked as CVE-2025-58360, has been added to the CISA Known Exploited Vulnerabilities (KEV) catalog due to active exploitation. It is an XML External Entity (XXE) flaw that could allow attackers to read server files, conduct server-side request forgery (SSRF), or cause denial-of-service (DoS) conditions.

Key points

  • The vulnerability impacts all versions of OSGeo GeoServer prior to 2.25.6 and 2.26.2; fixed releases are available.
  • Successful exploitation can enable attackers to access server files, execute SSRF, or cause resource exhaustion leading to DoS.
  • The flaw was discovered by the AI-powered vulnerability platform XBOW and reported by CISA as actively exploited in the wild.
  • Another critical flaw in the same software, CVE-2024-36401, has also been exploited by threat actors over the past year.
  • FCEB agencies are advised to apply the security patches by January 1, 2026, to protect their systems.
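The article describes the flaw only as an XXE issue; the mitigation on the parsing side is the same regardless of which GeoServer code path was affected. The following is an added example, not code from the article or from the GeoServer project, showing the JDK default `DocumentBuilderFactory` (which resolves external entities) beside a hardened configuration that refuses a DOCTYPE outright and disables external entity and DTD loading as defense in depth. The class name, the WFS-style sample documents and the `file:///placeholder/...` URI are constructed for the demonstration and are not taken from the vulnerability report.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

public class XxeHardening {

    // Constructed sample: a WFS-style request that carries a DOCTYPE declaring an
    // external entity. The SYSTEM URI is a placeholder and deliberately points nowhere.
    static final String SAMPLE_WITH_DOCTYPE =
        "<?xml version=\"1.0\"?>\n" +
        "<!DOCTYPE GetFeature [\n" +
        "  <!ENTITY ext SYSTEM \"file:///placeholder/not-a-real-path\">\n" +
        "]>\n" +
        "<GetFeature service=\"WFS\" version=\"1.1.0\">" +
        "<Query typeName=\"topp:states\">&ext;</Query></GetFeature>";

    // Constructed sample: the same request without any DOCTYPE.
    static final String SAMPLE_CLEAN =
        "<?xml version=\"1.0\"?>\n" +
        "<GetFeature service=\"WFS\" version=\"1.1.0\">" +
        "<Query typeName=\"topp:states\"/></GetFeature>";

    // Weak setting: the JDK default factory expands entities, follows SYSTEM
    // identifiers and loads external DTDs. Kept here only for comparison.
    static DocumentBuilderFactory weakFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    // Corrected setting: forbid DOCTYPE entirely (which removes the attack surface),
    // then additionally switch off every external-resource feature the parser exposes.
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
        dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        // JAXP 1.5 properties: empty string means "no protocol allowed" for external access.
        dbf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        dbf.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        return dbf;
    }

    // Parses the document with the given factory and returns the root element name.
    static String parseRootName(DocumentBuilderFactory dbf, String xml) throws Exception {
        DocumentBuilder db = dbf.newDocumentBuilder();
        Document doc = db.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        return doc.getDocumentElement().getTagName();
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory safe = hardenedFactory();

        // A well-formed request without a DOCTYPE still parses normally.
        System.out.println("clean document root: " + parseRootName(safe, SAMPLE_CLEAN));

        // The DOCTYPE-bearing request is rejected before any entity is resolved,
        // so the placeholder file is never opened.
        try {
            parseRootName(safe, SAMPLE_WITH_DOCTYPE);
            System.out.println("UNEXPECTED: DOCTYPE was accepted");
        } catch (SAXParseException e) {
            System.out.println("rejected as expected: " + e.getMessage());
        }
    }
}
```

With the hardened factory the second parse fails with a `SAXParseException` at the DOCTYPE declaration itself, which is the behaviour to verify in a unit test after patching any XML entry point. If an application genuinely needs internal DTDs, `disallow-doctype-decl` cannot be used, and the remaining feature and `ACCESS_EXTERNAL_*` settings become the primary control rather than a backup.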

Read More: https://thehackernews.com/2025/12/cisa-flags-actively-exploited-geoserver.html