CISA KEV addition for Smartbedded Meteobridge CVE-2025-4008

Public Sector Action
Happening score: 52
1 unique source, 1 article

Summary

CISA added CVE-2025-4008 in Smartbedded Meteobridge to the KEV catalog, signaling active exploitation and requiring FCEB agencies to apply updates by October 23, 2025. The flaw is a command injection issue in the web interface that can lead to arbitrary command execution with root privileges. A fix was already released in Meteobridge version 6.2.

Related Happenings

Ghost CMS Content API SQL injection flaw (CVE-2026-26980)

Vulnerability
First: 25.05.2026 15:02 Last: 25.05.2026 15:02 Sources 1

About this happening: Threat actors are **actively exploiting CVE-2026-26980** in **Ghost CMS Content API**, creating **SQL injection** risk that can expose database data and enable unauthorized **admi...

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

LiteSpeed User-End cPanel Plugin root script execution security flaw (CVE-2026-48172)

Vulnerability
First: 23.05.2026 10:35 Last: 23.05.2026 10:35 Sources 1

About this happening: **CVE-2026-48172** in the **LiteSpeed User-End cPanel Plugin** is now **actively exploited**, creating **root-level arbitrary script execution** risk for exposed cPanel systems. T...

Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)

Vulnerability
First: 22.05.2026 08:47 Last: 22.05.2026 08:47 Sources 1

About this happening: **CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Timeline

  1. 03.10.2025 11:23 2 articles · 7mo ago

    CISA adds Smartbedded Meteobridge CVE-2025-4008 to KEV

    Initial Disclosure

    CISA added Smartbedded Meteobridge CVE-2025-4008 to the Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation. CVE-2025-4008 is a command injection flaw in the Meteobridge web interface that can allow remote unauthenticated attackers to gain arbitrary command execution with root privileges on affected devices.

  2. 03.10.2025 11:23 1 article · 7mo ago

    FCEB agencies face October 23, 2025 update deadline

    Legal Policy Action Update

    Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary updates by October 23, 2025 because of active exploitation affecting Smartbedded Meteobridge CVE-2025-4008.