According to security researchers at CERT Orange Cyberdefense, a critical remote code execution (RCE) vulnerability in Craft CMS is actively being exploited to breach servers and steal data. The vulnerability, tracked as CVE-2025-32432 and assigned a maximum CVSS score of 10.0, affects all versions of Craft CMS prior to 3.9.15, 4.14.15, and 5.6.17. CMS RCE […]
The post Critical Craft CMS RCE 0-Day Vulnerability Exploited in Attacks to Steal Data appeared first on Cyber Security News.
This article has been indexed from Cyber Security News