KEV Entry
CVE-2025-58360
Known Exploited Vulnerability Entry KEVIntel
Entry Details
Confirmed Exploited2026-05-30 00:00 UTC
Timestamps
2026-05-30
2026-05-30
Scope
KEVIntel entry: GeoServer is vulnerable to an Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature | Affected: geoserver / geoserver | CVSS: 8.2 (HIGH) | EPSS: 0.66753 | Used in malware: unknown | Not yet in CISA KEV: False
References
- {'id': 'CVE-2025-58360', 'url': 'https://www.cve.org/CVERecord?id=CVE-2025-58360'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/CVE-2025-58360'}
4c9deb99-bd42-42e0-85b9-127a6fbac838
KEVIntel
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-23 14:03 UTC
2026-07-10 06:14 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | successful_exploitation | 0.70 |
View details
|
- |