NVD disclosure day

Published threat advisories for June 2, 2025

CVE-2025-5086

DELMIA Apriso: Remote Code Execution Risk

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A deserialization vulnerability in DELMIA Apriso may allow remote code execution. This could impact business operations and data security for affected organizations. Organizations should address this risk to mitigate potential business disruption.

NVD published: June 2, 2025 • CISA KEV

CVE advisoryKnown Exploit

CVE-2025-49113

Roundcube Webmail Remote Code Execution Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Roundcube Webmail has a vulnerability allowing authenticated users to execute remote code due to unvalidated URL parameters. This can impact systems and data by enabling attackers to run arbitrary code. The business risk is significant, potentially leading to data compromise and service disruption.

NVD published: June 2, 2025 • CISA KEV