Update KEV: Sat Jul 19 00:13:46 UTC 2025

aboutcode-automation · aboutcode-automation · commit bc2801b0fbc6 · 2025-07-19T00:13:46.000Z
Signed-off-by: AboutCode Automation &lt;automation@aboutcode.org&gt;
diff --git a/known_exploited_vulnerabilities.json b/known_exploited_vulnerabilities.json
@@ -1,9 +1,24 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.07.14",
-    "dateReleased": "2025-07-14T17:04:09.0133Z",
-    "count": 1380,
+    "catalogVersion": "2025.07.18",
+    "dateReleased": "2025-07-18T17:00:02.4347Z",
+    "count": 1381,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2025-25257",
+            "vendorProject": "Fortinet",
+            "product": "FortiWeb",
+            "vulnerabilityName": "Fortinet FortiWeb SQL Injection Vulnerability",
+            "dateAdded": "2025-07-18",
+            "shortDescription": "Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-08",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-25-151 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-25257",
+            "cwes": [
+                "CWE-89"
+            ]
+        },
         {
             "cveID": "CVE-2025-47812",
             "vendorProject": "Wing FTP Server",
@@ -18506,7 +18521,7 @@
             "shortDescription": "Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. Successful exploitation allows for remote code execution. The vulnerability is also known under the moniker of BlueKeep.",
             "requiredAction": "Apply updates per vendor instructions.",
             "dueDate": "2022-05-03",
-            "knownRansomwareCampaignUse": "Unknown",
+            "knownRansomwareCampaignUse": "Known",
             "notes": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0708",
             "cwes": [
                 "CWE-416"
