U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

vm_adminNovember 12, 2025

U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

Table of Contents

U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini
October 30, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the flaws added to the catalog:

CVE-2025-24893 (CVSS score of 9.8) XWiki Platform Eval Injection Vulnerability
CVE-2025-41244 (CVSS score of 7.8) Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability

The XWiki Platform, a generic wiki framework that provides runtime services for…