GeoServer Archives • Daily CyberSecurity

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning

Do Son December 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the widely used OSGeo...

High-Severity GeoServer Flaw (CVE-2025-58360) Allows Unauthenticated XXE for File Theft and SSRF CVE-2023-25157 GeoServer XXE, Unauthenticated File Exfiltration

CVE-2023-25157 GeoServer XXE, Unauthenticated File Exfiltration

High-Severity GeoServer Flaw (CVE-2025-58360) Allows Unauthenticated XXE for File Theft and SSRF

Do Son December 1, 2025

The maintainers of GeoServer have issued an important security advisory regarding a high-severity vulnerability that could allow...

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign Passive monetization, GeoServer vulnerability

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign

Do Son August 22, 2025

A new report from Palo Alto Networks’ Unit 42 has shed light on an unusual and stealthy...

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner GeoServer RCE, XMRig CoinMiner

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Do Son July 10, 2025

The AhnLab Security Intelligence Center (ASEC) has issued a fresh warning on the ongoing exploitation of a...

Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns SideWalk malware & GOREVERSE

Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns

Do Son September 6, 2024

Cybersecurity researchers at FortiGuard Labs have observed multiple campaigns targeting a critical vulnerability in GeoServer, an open-source...

Critical GeoServer RCE Flaw CVE-2024-36401 Actively Exploited, 6,284 Instances Vulnerable GeoServer vulnerability

Critical GeoServer RCE Flaw CVE-2024-36401 Actively Exploited, 6,284 Instances Vulnerable

Do Son July 30, 2024

Security threat monitoring platform Shadowserver has revealed that 6,284 GeoServer instances exposed to the Internet are vulnerable...

CVE-2024-36401 (CVSS 9.8): Critical GeoServer Flaw Under Active Attack, PoC Available CVE-2024-36401 exploit

CVE-2024-36401 (CVSS 9.8): Critical GeoServer Flaw Under Active Attack, PoC Available

Do Son July 15, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability...

CVE-2024-36401 (CVSS 9.8): Urgent Patch Needed for GeoServer RCE Vulnerability

Do Son July 2, 2024

A severe security flaw, CVE-2024-36401 (CVSS 9.8), has been discovered in GeoServer, a widely-used open-source software platform...

Hackers are exploiting RCE Vulnerability (CVE-2023-35042) in GeoServer

Do Son June 12, 2023

GeoServer, the open-source software written in Java that allows users to view and edit geospatial data, has...

CVE-2023-25157 & CVE-2023-25158: SQLi Bugs in GeoTools & GeoServer CVE-2023-25157 GeoServer XXE, Unauthenticated File Exfiltration

CVE-2023-25157 & CVE-2023-25158: SQLi Bugs in GeoTools & GeoServer

Do Son February 22, 2023

A now-patched security flaw in the GeoTools JavaScript module and GeoServer could be abused by a remote...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

GeoServer

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning

High-Severity GeoServer Flaw (CVE-2025-58360) Allows Unauthenticated XXE for File Theft and SSRF

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns

Critical GeoServer RCE Flaw CVE-2024-36401 Actively Exploited, 6,284 Instances Vulnerable

CVE-2024-36401 (CVSS 9.8): Critical GeoServer Flaw Under Active Attack, PoC Available

CVE-2024-36401 (CVSS 9.8): Urgent Patch Needed for GeoServer RCE Vulnerability

Hackers are exploiting RCE Vulnerability (CVE-2023-35042) in GeoServer

CVE-2023-25157 & CVE-2023-25158: SQLi Bugs in GeoTools & GeoServer