Information security
fromThe Hacker News
3 hours agoCISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
CVE-2025-58360 is an unauthenticated XXE in OSGeo GeoServer being exploited in the wild; affected versions require immediate patching to prevent file access, SSRF, and DoS.