CISA adds one known exploited vulnerability to catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2025-58360 OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability.
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.