Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA KEV listing for Wing FTP CVE-2025-47813

Public Sector Action
First reported
Last updated
Happening score
H score 49
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2025-47813 in Wing FTP Server to the KEV catalog after evidence of active exploitation, putting the flaw under formal government tracking. The listing raises urgency for exposed operators because the bug can leak the installation path and affect all versions through 7.4.3. FCEB agencies were told to apply the necessary fixes by March 30, 2026.

Related Happenings

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...

Open Happening

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

Open Happening

Apex One on-premises server directory traversal zero-day (CVE-2026-34926)

Vulnerability
First: 22.05.2026 16:39 Last: 22.05.2026 16:39 Sources 1

About this happening: **CVE-2026-34926** is a **Trend Micro Apex One** **on-premises** directory traversal zero-day that can let a privileged local attacker inject malicious code onto affected **agents...

Open Happening

Drupal core security update for CVE-2026-9082

Security Patch Release
First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)

Vulnerability
First: 22.05.2026 08:47 Last: 22.05.2026 08:47 Sources 1

About this happening: **CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...

Open Happening

Timeline

  1. 17.03.2026 07:23 2 articles · 2mo ago

    CISA adds Wing FTP Server CVE-2025-47813 to the KEV catalog

    Legal Policy Action Update

    CISA added CVE-2025-47813 in Wing FTP Server to the Known Exploited Vulnerabilities (KEV) catalog after citing active exploitation, flagging an information disclosure issue in UID cookie handling that can leak the installation path. The flaw affects all versions prior to and including 7.4.3, was addressed in version 7.4.4, and prompted Federal Civilian Executive Branch agencies to apply the necessary fixes by March 30, 2026.

    Show sources
    Open in new tab