CVE-2025-32432 – Craft CMS Remote Code Execution Vulnerability

April 25, 2025

CVE ID : CVE-2025-32432

Published : April 25, 2025, 3:15 p.m. | 28 minutes ago

Description : Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity attack vector. This issue has been patched in versions 3.9.15, 4.14.15, and 5.6.17, and is an additional fix for CVE-2023-41892.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3641 – Moodle Dropbox Repository Remote Code Execution Vulnerability

Next Article CVE-2025-3634 – Moodle Authentication Bypass

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-32432 – Craft CMS Remote Code Execution Vulnerability

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Integrating Rive into a React Project: Behind the Scenes of Valley Adventures

MuseAmp is an audio normalizer for MP3/FLAC

Zimbra Collaboration Server GraphQL Vulnerability Exposes Sensitive User Data

Microsoft Brings TITAN Intelligence System to Security Copilot Guided Response

Gears of War: E-Day is coming in 2026, as Phil Spencer shares an update during Xbox Games Showcase 2025

Salesforce AI Releases BLIP3-o: A Fully Open-Source Unified Multimodal Model Built with CLIP Embeddings and Flow Matching for Image Understanding and Generation

Lexie Hull Mrs Steal Yo Job SHirt

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

CVE-2025-32432 – Craft CMS Remote Code Execution Vulnerability

Related Posts