Published threat advisories for January 18, 2025

A remote code execution vulnerability affects Craft CMS installations with a compromised security key. This could allow attackers to execute arbitrary code, impacting systems and data. Business risk includes potential data breaches and operational disruption. Patches are available for Craft 5.5.8 and 4.13.8.

NVD published: January 18, 2025 • CISA KEV