CISA Adds Five Enterprise Software Flaws to Known Exploited Vulnerabilities Catalog

The U.S. CISA added five enterprise software vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog within an 18-hour span, covering flaws in Versa Concerto, Zimbra Collaboration, VMware vCenter, Vite, and the Prettier eslint-config-prettier package. The issues range from a high-severity heap overflow in VMware vCenter that can lead to remote code execution (CVE-2024-37079) and an authentication bypass in Versa Concerto (CVE-2025-34026) to a local file inclusion (LFI) flaw in Zimbra (CVE-2025-68645) and a compromised eslint-config-prettier release whose install script drops and runs node-gyp.dll. CISA did not name the exploiting actors or link any of the flaws to ransomware groups.

Keypoints

  • CISA added five enterprise software flaws to the KEV catalog in an 18‑hour period.
  • Affected products include Versa Concerto (CVE-2025-34026), Zimbra (CVE-2025-68645), VMware vCenter (CVE-2024-37079), Vite (CVE-2025-31125), and eslint-config-prettier (CVE-2025-54313).
  • CVE-2024-37079 is a critical vCenter DCERPC heap-overflow that may allow remote code execution.
  • The eslint-config-prettier supply‑chain compromise can execute an install.js that launches node-gyp.dll malware on Windows.
  • CISA did not identify threat actors or ransomware involvement, and some vulnerabilities have available fixes or patched versions.
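
As an added example (not code from the article or from CISA), the Python helper below cross-references an organisation's CVE inventory against a KEV-format feed and reports due dates and CISA's ransomware flag. The feed fragment is constructed in the shape of CISA's JSON catalog with the five CVE IDs from this article; the dateAdded and dueDate values are placeholders, not CISA's actual dates.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed
# (known_exploited_vulnerabilities.json). CVE IDs and products are the ones
# from the article; dateAdded/dueDate values are placeholders, not CISA's.
SAMPLE_KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "vulnerabilities": [
    {"cveID": "CVE-2024-37079", "vendorProject": "VMware", "product": "vCenter Server",
     "dateAdded": "2026-01-15", "dueDate": "2026-02-05", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-34026", "vendorProject": "Versa", "product": "Concerto",
     "dateAdded": "2026-01-15", "dueDate": "2026-02-05", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-68645", "vendorProject": "Zimbra", "product": "Collaboration",
     "dateAdded": "2026-01-15", "dueDate": "2026-02-05", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-31125", "vendorProject": "Vite", "product": "Vite",
     "dateAdded": "2026-01-16", "dueDate": "2026-02-06", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-54313", "vendorProject": "Prettier", "product": "eslint-config-prettier",
     "dateAdded": "2026-01-16", "dueDate": "2026-02-06", "knownRansomwareCampaignUse": "Unknown"}
  ]
}"""


def load_kev(kev_json: str) -> dict:
    """Index KEV entries by CVE ID so lookups are O(1)."""
    return {v["cveID"]: v for v in json.loads(kev_json)["vulnerabilities"]}


def triage(kev_json: str, inventory: set, today: str) -> list:
    """Return one row per inventory CVE that KEV lists, most urgent first:
    remediation due date, days left (negative = overdue) and whether CISA
    has flagged the CVE as used in ransomware campaigns."""
    kev = load_kev(kev_json)
    now = date.fromisoformat(today)
    rows = []
    for cve in inventory:
        entry = kev.get(cve)
        if entry is None:
            continue  # not (yet) in KEV; no KEV due date applies
        rows.append({
            "cve": cve,
            "product": f'{entry["vendorProject"]} {entry["product"]}',
            "due": entry["dueDate"],
            "days_left": (date.fromisoformat(entry["dueDate"]) - now).days,
            "ransomware": entry["knownRansomwareCampaignUse"] == "Known",
        })
    rows.sort(key=lambda r: (r["days_left"], r["cve"]))
    return rows
```

Feeding it the live catalog instead of the sample is a matter of replacing the string with the downloaded JSON; the field names are the ones CISA's feed uses.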

Read More: https://thecyberexpress.com/cisa-adds-enterprise-software-flaws-to-kev/