CVE-2025-32432: Craft CMS Code Injection Vulnerability. Craft CMS contains
Craft CMS Code Injection Vulnerability. Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.
- CISA KEV-listed (remediation due 2026-04-03)
- EPSS 93.1% (99.8% percentile)