CVE-2025-41035 | appRain CMF 4.0.5 SecurityManager download path traversal (EUVD-2025-26697)

September 4, 2025 Yanac

A vulnerability, which was classified as critical, was found in appRain CMF 4.0.5. Impacted is an unknown function of the file /apprain/common/download/ of the component SecurityManager. Executing manipulation can lead to path traversal.

This vulnerability is tracked as CVE-2025-41035. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-7388 | Progress OpenEdge up to 12.2.17/12.8.7 Java RMI Interface command injection (EUVD-2025-26702)
Implement an enterprise-ready data lakehouse architecture with Spark and Kyuubi