CyCognito Blog

Research

By Amit Sheps

CVE-2025-64095 is a critical file-upload vulnerability in DNN that allows unauthenticated attackers to overwrite site content and inject malicious code. Learn what’s affected, how to mitigate the risk, and how CyCognito helps identify vulnerable external assets.

Read more about Emerging Threat: CVE-2025-64095 – Critical Unauthenticated File Upload Vulnerability in DNN (DotNetNuke)
By Amit Sheps

CVE-2025-55752 is a path traversal vulnerability in Apache Tomcat that can bypass security controls and, in configurations allowing HTTP PUT, enable malicious file uploads leading to potential remote code execution. Proof-of-concept code is available, and cybersecurity authorities warn exploitation attempts are likely.

Read more about Emerging Threat: Apache Tomcat Vulnerability CVE-2025-55752
By Zohar Venturero

We analyzed more than two million internet-exposed assets across cloud, on-prem, APIs, and web apps, discovered by our platform over the past 18 months. Using attacker-simulated testing, including black-box pentesting, dynamic application security testing (DAST), and active vulnerability scanning, we mapped how exploitable exposures cluster by industry and asset type. The results reveal systemic weaknesses in how organizations govern their digital perimeter, especially in environments shaped by rapid growth, third-party dependencies, and fragmented ownership.

Read more about What Over 2 Million Assets Reveal About Industry Vulnerability
By Emma Zaballos

Cloud assets are increasingly vulnerable, now accounting for one-third of all easily exploitable security issues. Organizations using multi-cloud environments—especially outside the major providers—face significantly higher exposure to both critical and easily exploitable risks. To manage this growing threat, businesses need full visibility into their external attack surfaces and should adopt proactive, automated platforms like CyCognito to detect and remediate vulnerabilities quickly.

Read more about And The Cloud Goes Wild: Looking at Vulnerabilities in Cloud Assets
By Emma Zaballos

On April 24, 2025, SAP disclosed CVE-2025-31324, a critical vulnerability (CVSS 10.0) in the Metadata Uploader of SAP NetWeaver Visual Composer 7.50, which is actively exploited. SAP released a patch, with details limited to customers, alongside other mitigation options. CyCognito has deployed detection tests and provides customers with asset lists to assess and validate remediation efforts.

Read more about Emerging Threat: SAP NetWeaver Visual Composer CVE-2025-31324
By Emma Zaballos

CVE-2025-22457 is a critical buffer overflow vulnerability (CVSS 9.0) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, enabling unauthenticated remote code execution via a crafted X-Forwarded-For header. It has been actively exploited by espionage group UNC5221 and is listed in CISA’s KEV catalog. Patches are available for most affected products, but legacy Pulse Connect Secure devices require migration, and customers are advised to monitor for signs of compromise.

Read more about Emerging Threat: Ivanti CVE-2025-22457
By Emma Zaballos

CVE-2025-29927 is a critical authorization vulnerability (CVSS 9.1) in self-hosted Next.js applications using middleware, allowing attackers to bypass security checks with a crafted x-middleware-subrequest header. It affects versions 11.1.5 to 15.2.2, with patches available in newer releases. While there are no active exploits reported as of March 27, 2025, CyCognito has issued guidance to help organizations assess and mitigate exposure.

Read more about Emerging Threat: Next.js CVE-2025-29927
By Emma Zaballos

On January 14, 2025, Fortinet disclosed a new critical (CVSS 9.8) authentication bypass vulnerability affecting FortiOS and FortiProxy. CVE-2024-55591 allows unauthenticated remote attackers to target the Node.js WebSocket module of the administrative interface and potentially gain super-admin privileges. CyCognito is helping customers identify assets vulnerable to CVE-2024-55591.

Read more about Emerging Threat: Fortinet CVE-2024-55591