THREAT OPS › CVEs › CVE-2025-32432
CVE-2025-32432 — Craft CMS Code Injection Vulnerability
Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.
Vulnerability details
- Affected productsCraft CMS
- KEV remediation due2026-04-03