CVE-2025-58360
CRITICALCVSS v3
9.8
CRITICAL
EPSS Score
85.7%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
Technical Details
- Published
- 11/25/2025
Frequently Asked Questions
What is CVE-2025-58360?
GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
Is CVE-2025-58360 actively exploited?
Active exploitation of CVE-2025-58360 has not been confirmed. The EPSS score is 85.7%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2025-58360?
CVE-2025-58360 has a CVSS v3 base score of 9.8 (CRITICAL severity).
Is CVE-2025-58360 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.