<ul><li>U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog.</li><li>CVE-2025-32433 is a critical flaw impacting older versions of Erlang/OTP SSH server, leading to remote code execution.</li><li>CVE-2024-42009 is a critical XSS vulnerability in RoundCube Webmail software, allowing malicious email-based attacks.</li><li>CISA has ordered federal agencies to fix these vulnerabilities by June 30, 2025, to protect against potential exploitation.</li></ul>

U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog

Discover more