The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that a critical GeoServer vulnerability, CVE-2025-58360, is being exploited in attacks. The flaw is an XML external entity (XXE) injection that can expose sensitive files on the server, enable server-side request forgery (SSRF), or cause a denial of service (DoS). Exploitation in the wild has been observed since late November, so administrators should apply the available patch without delay. #GeoServer #CVE202558360
Key points
- CVE-2025-58360 is an XML external entity (XXE) injection flaw in GeoServer: attacker-supplied XML containing external entity declarations is processed by the server, letting the attacker read local files, reach internal services (SSRF), or exhaust resources (DoS).
- It carries a CVSS score of 9.8, which is rated critical.
- The fix shipped in GeoServer 2.28.1, released on November 25.
- CISA has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog because of the active attacks.
- This is the third GeoServer vulnerability exploited in the wild this year; the earlier two were reported in June and July.
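To make the XXE risk concrete, here is a small added illustration of what an external-entity expansion looks like at the parser level. It is not GeoServer's code and does not reproduce the CVE-2025-58360 trigger; it uses Python's standard `xml.sax` parser (expat backend), a throwaway file standing in for a sensitive server-side file, and an invented `<request>`/`<layer>` document, all constructed for this example. The only difference between the vulnerable and hardened paths is the SAX `external-general-entities` feature.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class _TextCollector(ContentHandler):
    """Accumulate character data so we can see what the parser expanded."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


def parse_xml(xml_bytes: bytes, resolve_external_entities: bool) -> str:
    """Parse an XML document and return its concatenated text content.

    resolve_external_entities=True mirrors a parser that fetches and expands
    SYSTEM entities (the XXE-prone setting); False is the hardened setting.
    """
    parser = xml.sax.make_parser()
    # This SAX feature governs whether <!ENTITY x SYSTEM "..."> is resolved.
    parser.setFeature(feature_external_ges, resolve_external_entities)
    collector = _TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.chunks).strip()


def write_constructed_secret() -> str:
    """Create a throwaway file standing in for a sensitive file on the server.
    Constructed for this example; not a real GeoServer artefact."""
    fd, path = tempfile.mkstemp(prefix="xxe-demo-", suffix=".txt")
    with os.fdopen(fd, "wb") as f:
        f.write(b"db_password=hunter2\n")
    return path


def build_xxe_document(target_path: str) -> bytes:
    """Constructed attacker-style document: an external entity pointing at a
    local file, referenced from the body. The element names are invented and
    are not any GeoServer request format."""
    return (
        '<?xml version="1.0"?>\n'
        "<!DOCTYPE request [\n"
        f'  <!ENTITY ext SYSTEM "{target_path}">\n'
        "]>\n"
        "<request><layer>&ext;</layer></request>\n"
    ).encode()


def demo() -> dict:
    """Run the same document through both parser settings and return what
    each one yields as text content."""
    path = write_constructed_secret()
    try:
        doc = build_xxe_document(path)
        return {
            "vulnerable": parse_xml(doc, resolve_external_entities=True),
            "hardened": parse_xml(doc, resolve_external_entities=False),
        }
    finally:
        os.unlink(path)


if __name__ == "__main__":
    for mode, text in demo().items():
        print(f"{mode:10s}: {text!r}")
```

With the feature enabled, the file's contents come back as the text of `<layer>`, which is exactly the file-disclosure outcome the advisory warns about; a `SYSTEM` identifier pointing at an internal URL gives the SSRF variant. With the feature disabled, expat silently drops the entity and the text is empty. In production code the stricter pattern is to reject any document with a `DOCTYPE` at all (for example via `defusedxml`), since entity tricks are not limited to external general entities; for GeoServer itself the fix is upgrading to 2.28.1 or later, not tuning a parser.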
Read More: https://www.securityweek.com/recent-geoserver-vulnerability-exploited-in-attacks/