CrowdSec VulnTracking Report

CVE-2025-34291 Exploited in the Wild: LangFlow AI Framework Under Fire

CVE-2025-34291 is an actively exploited RCE vulnerability in LangFlow. Learn how to detect, mitigate, and protect your AI infrastructure.

CVE-2025-59287: When a Critical Windows Server RCE Turns Patches Into Malware

Critical WSUS RCE CVE-2025-59287 is under active exploitation. Learn how attackers target Windows update infrastructure and how to defend your systems.

CVE-2024-20767 Exploited in the Wild: Adobe ColdFusion Under Attack

CVE-2024-20767 is actively exploited in Adobe ColdFusion. CrowdSec observed a surge in attacks & explains impact, trends, & how to protect your systems.

Fortinet’s Early Christmas Gift to Attackers: SAML Authentication Bypass

Active exploitation targets CVE-2025-59718, a critical Fortinet auth bypass. See detection insights and mitigation steps.

React2Shell Now Among the Most Exploited Vulnerabilities Worldwide (Part 2)

React2Shell (CVE-2025-55182) attacks surged from 500 to 10K+ daily. Learn what changed, attacker trends, and how to protect with CrowdSec.

React2Shell: The Frontend Vulnerability That Gives Attackers a Backend Pass

Learn about CVE-2025-55182, the React2Shell vulnerability that turns a frontend flaw into backend access. Discover its impact & how to protect your apps.

CVE-2025-64095: Ransomware-Style Defacement Attacks Likely as DNN Flaw is Probed

CVE-2025-64095 is being actively probed, allowing attackers to upload and overwrite files on DNN sites. CrowdSec intelligence reveals early exploitation trends.

CVE-2025-54236: SessionReaper Exploit Hits 130K+ Magento Stores in Massive Hijacking Wave

CVE-2025-54236 enables attackers to seize Magento sessions & escalate to RCE. See CrowdSec’s exploitation data, timeline, & protection guidance.

CVE-2025-64446: FortiWeb Zero-Day Under Active Exploitation

CVE-2025-64446 allows attackers to bypass authentication in FortiWeb. Deploy CrowdSec WAF to secure your systems.

CVE-2025-55748: Path Traversal in XWiki Sees Rising Exploitation Activity

CrowdSec detects rising exploitation of XWiki CVE-2025-55748, a path traversal flaw exposing sensitive configs, not yet in CISA KEV.

CVE-2025-54249: SSRF in Adobe Experience Manager Exposes Internal Services

CrowdSec detects active exploitation of CVE-2025-54249 in Adobe Experience Manager (AEM), an SSRF flaw exposing internal services.

CrowdSec VulnTracking Report: September 2025

Discover key insights on emerging CVEs and exploitation attempts in the September edition of the CrowdSec VulnTracking Report.

CrowdSec VulnTracking Report: July 2025

Discover key insights on emerging CVEs and exploitation attempts in the July edition of the CrowdSec VulnTracking Report.

CrowdSec VulnTracking Report: June 2025

Discover key insights on emerging CVEs and exploitation attempts in the June edition of the CrowdSec VulnTracking Report.

CrowdSec VulnTracking Report: May 2025

Discover key insights on emerging CVEs and exploitation attempts in the May edition of the CrowdSec VulnTracking Report.

CrowdSec VulnTracking Report: April 2025

Discover key insights on emerging CVEs and exploitation attempts in the April edition of the CrowdSec VulnTracking Report.

CrowdSec VulnTracking Report: March 2025

We are excited to launch our latest series, the CrowdSec VulnTracking Reports. In these monthly reports, we will be exploring key insights on emerging vulnerabilities and CVE exploitation trends, as spotted by the CrowdSec Network. In March 2025, we added detection for 34 vulnerabilities and/or exploits to our database — translating into scenarios for the […]