CVE-2025-32432 – 0day Craft CMS discovered by Orange Cyberdefense
Orange Cyberdefense (OCD) has discovered a critical vulnerability (CVE-2025-32432) in the Craft CMS software. OCD has approached us to work in partnership to identify…
Symlink backdoor on Fortinet SSL-VPN devices
ShadowServer has discovered more than 17,000 Fortinet SSL VPNs compromised by what’s known as the symlink backdoor. We…
New critical vulnerabilities in GLPI : CVE-2025-24799 and CVE-2025-24801
Two vulnerabilities in the IT asset management tool GLPI have been published under the heading “Pre-authentication SQL injection…
CVE-2025-24799 & CVE-2025-24801
The vulnerabilities identified as CVE-2025-24799 and CVE-2025-24801 affect GLPI, an open-source IT asset management tool. These vulnerabilities allow…
LeMagIT – GLPI: 680 instances in France affected by two serious vulnerabilities
[..] The ONYPHE attack surface management platform has just added support for detecting GLPI vulnerabilities CVE-2025-24799 and CVE-2025-24801….
