CISA has added a serious security flaw in the Craft content management system (CMS) to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation.
The vulnerability CVE-2025-23209 (CVSS score: 8.1) affects Craft CMS versions 4 and 5. It was fixed by the maintainers in late December 2024 with versions 4.13.8 and 5.5.8.
By infosecbulletin
/ Monday , June 23 2025
A hacking group reportedly linked to Russian government has been discovered using a new phishing method that bypasses two-factor authentication...
Read More
By infosecbulletin
/ Wednesday , June 18 2025
Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC)...
Read More
By infosecbulletin
/ Tuesday , June 17 2025
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
Read More
By infosecbulletin
/ Tuesday , June 17 2025
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
Read More
By infosecbulletin
/ Tuesday , June 17 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
Read More
By infosecbulletin
/ Monday , June 16 2025
SafetyDetectives’ Cybersecurity Team discovered a public post on a clear web forum in which a threat actor claimed to have...
Read More
By infosecbulletin
/ Sunday , June 15 2025
WestJet, Canada's second-largest airline, is looking into a cyberattack that has affected some internal systems during its response to the...
Read More
By infosecbulletin
/ Saturday , June 14 2025
Resecurity found 7.4 million records of Paraguayan citizens' personal information leaked on the dark web today. Last week, cybercriminals attempted...
Read More
By infosecbulletin
/ Friday , June 13 2025
HashiCorp has revealed a critical vulnerability in its Nomad tool that may let attackers gain higher privileges by misusing the...
Read More
By infosecbulletin
/ Friday , June 13 2025
SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
Read More
“Craft CMS contains a code injection vulnerability that allows for remote code execution as vulnerable versions have compromised user security keys,” the agency said.
The vulnerability affects the following version of the software –
>= 5.0.0-RC1, < 5.5.5
>= 4.0.0-RC1, < 4.13.8
In an advisory released on GitHub, Craft CMS noted that all unpatched versions of Craft with a compromised security key are impacted by the security defect.
“If you can’t update to a patched version, then rotating your security key and ensuring its privacy will help to mitigate the issue,” it noted.
It’s unclear how the user security keys were compromised or the circumstances surrounding it.
FCEB agencies should apply the necessary fixes to reduce the risk from the vulnerability by March 13, 2025.
In December 2024, Craft CMS reported active exploitation of a security flaw (CVE-2024-56145) that allows remote code execution if the PHP register_argc_argv setting is enabled. This vulnerability has not yet been included in CISA’s KEV catalog.
Test this free automated tool to hunt for exposed AWS secrets