THREATOPS
THREAT OPSCVEs › CVE-2025-32432

CVE-2025-32432 — Craft CMS Code Injection Vulnerability

CISA KEVExploited: confirmedCraft CMS

Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.

Vulnerability details

Related reporting