CVE advisoryKnown Exploit
CVE-2025-58360
GeoServer XXE Vulnerability in WMS GetMap Operation
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in GeoServer allows attackers to insert external entities into XML requests, potentially leading to unauthorized data access or service disruption. Organizations using affected versions face business risk from this exploit.