CSO Online

CISA orders immediate patching as GeoServer flaw faces active exploitation

Federal agencies told to fix critical XXE vulnerability (CVE-2025-58360) in GeoServer after attackers gain a head start.
SecurityWeek

Recent GeoServer Vulnerability Exploited in Attacks

CISA warns that a critical XXE vulnerability in OSGeo GeoServer tracked as CVE-2025-58360 has been exploited in the wild.
The Hacker News

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

CISA reports active exploitation of GeoServer XXE flaw CVE-2025-58360 and directs immediate updates to secure affected ...
TechRadar

US federal agency breached by hackers using GeoServer exploit, CISA says

Attackers exploited a critical GeoServer flaw to breach a US federal agency in July 2024 China Chopper web shell enabled remote access and lateral movement across compromised systems CISA urges timely ...

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External ...
Bleeping Computer

CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks

CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. GeoServer is an open-source server that allows users to ...
Infosecurity-magazine.com

CISA: Patch Critical GeoServer GeoTools Bug Now

The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal government agencies to patch a critical vulnerability in a popular open source server that’s being actively exploited ...