Multiple vulnerabilities in Sitecore CMS | Kaspersky official blog

Multiple vulnerabilities in Sitecore CMS | Kaspersky official blog

Researchers have uncovered three vulnerabilities in the popular content management system, Sitecore Experience Platform.
CVE-2025-34509 involves a hard-coded password (consisting of just a single lett …
Read more

Published Date:
Jun 24, 2025 (2 hours, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6019

CVE-2025-34511

CVE-2025-34510

CVE-2025-34509

CVE-2025-33053

Read More

CVE-2025-2566 – Kaleris NAVIS N4 ULC Java Deserialization RCE

CVE ID : CVE-2025-2566

Published : June 24, 2025, 7:15 p.m. | 2 hours, 11 minutes ago

Description : Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read More

CVE-2025-5087 – Kaleris NAVIS N4 ULC Unencrypted Data Exposure

CVE ID : CVE-2025-5087

Published : June 24, 2025, 7:15 p.m. | 2 hours, 11 minutes ago

Description : Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read More

CVE-2024-37743 – KnowledgeGPT Arbitrary Code Execution Vulnerability

CVE ID : CVE-2024-37743

Published : June 24, 2025, 8:15 p.m. | 44 minutes ago

Description : An issue in mmzdev KnowledgeGPT V.0.0.5 allows a remote attacker to execute arbitrary code via the Document Display Component.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read More