Update KEV: Tue Jul 8 00:13:30 UTC 2025

aboutcode-automation · aboutcode-automation · commit c7f6fcbf1a74 · 2025-07-08T00:13:30.000Z
Signed-off-by: AboutCode Automation &lt;automation@aboutcode.org&gt;
diff --git a/known_exploited_vulnerabilities.json b/known_exploited_vulnerabilities.json
@@ -1,9 +1,71 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.07.02",
-    "dateReleased": "2025-07-02T17:50:44.3248Z",
-    "count": 1374,
+    "catalogVersion": "2025.07.07",
+    "dateReleased": "2025-07-07T17:00:02.8406Z",
+    "count": 1378,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2019-9621",
+            "vendorProject": "Synacor",
+            "product": "Zimbra Collaboration Suite (ZCS)",
+            "vulnerabilityName": "Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability",
+            "dateAdded": "2025-07-07",
+            "shortDescription": "Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability via the ProxyServlet component.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-07-28",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/wiki.zimbra.com\/wiki\/Zimbra_Security_Advisories ; https:\/\/wiki.zimbra.com\/wiki\/Security_Center ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-9621",
+            "cwes": [
+                "CWE-918",
+                "CWE-807"
+            ]
+        },
+        {
+            "cveID": "CVE-2019-5418",
+            "vendorProject": "Rails",
+            "product": "Ruby on Rails",
+            "vulnerabilityName": "Rails Ruby on Rails Path Traversal Vulnerability",
+            "dateAdded": "2025-07-07",
+            "shortDescription": "Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-07-28",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/web.archive.org\/web\/20190313201629\/https:\/\/weblog.rubyonrails.org\/2019\/3\/13\/Rails-4-2-5-1-5-1-6-2-have-been-released\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5418",
+            "cwes": [
+                "CWE-22"
+            ]
+        },
+        {
+            "cveID": "CVE-2016-10033",
+            "vendorProject": "PHP",
+            "product": "PHPMailer",
+            "vulnerabilityName": "PHPMailer Command Injection Vulnerability",
+            "dateAdded": "2025-07-07",
+            "shortDescription": "PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, this issue affects the 'mail()' function of 'class.phpmailer.php' script. An attacker can exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will result in a denial-of-service condition.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-07-28",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https:\/\/github.com\/PHPMailer\/PHPMailer\/releases\/tag\/v5.2.18 ; https:\/\/github.com\/advisories\/GHSA-5f37-gxvh-23v6 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-10033",
+            "cwes": [
+                "CWE-77",
+                "CWE-88"
+            ]
+        },
+        {
+            "cveID": "CVE-2014-3931",
+            "vendorProject": "Looking Glass",
+            "product": "Multi-Router Looking Glass (MRLG)",
+            "vulnerabilityName": "Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability",
+            "dateAdded": "2025-07-07",
+            "shortDescription": "Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause an arbitrary memory write and memory corruption.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-07-28",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/mrlg.op-sec.us\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-3931",
+            "cwes": [
+                "CWE-119"
+            ]
+        },
         {
             "cveID": "CVE-2025-6554",
             "vendorProject": "Google",
