CVE-2025-58360

CRITICAL

CVSS v3

9.8

CRITICAL

EPSS Score

85.7%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.

Technical Details

Published
11/25/2025

Frequently Asked Questions

What is CVE-2025-58360?

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.

Is CVE-2025-58360 actively exploited?

Active exploitation of CVE-2025-58360 has not been confirmed. The EPSS score is 85.7%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-58360?

CVE-2025-58360 has a CVSS v3 base score of 9.8 (CRITICAL severity).

Is CVE-2025-58360 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.