NVD disclosure day

Published threat advisories for April 24, 2025

CVE-2025-31324

SAP NetWeaver Unauthorized File Upload Risk

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An authorization flaw in SAP NetWeaver Visual Composer allows unauthorized users to upload harmful executable files, potentially damaging host systems and impacting data. This poses a significant business risk to organizations by affecting system confidentiality, integrity, and availability.

NVD published: April 24, 2025 • CISA KEV

CVE advisoryKnown Exploit

CVE-2025-1976

Brocade Fabric OS Code Execution Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Brocade Fabric OS allows a local administrator to execute arbitrary code, potentially compromising systems and data. This poses a business risk to organizations using affected versions.

NVD published: April 24, 2025 • CISA KEV