CVE-2025-3928: Commvault Web Server Unspecified Vulnerability. Commvault

Commvault Web Server Unspecified Vulnerability. Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells.

• CISA KEV-listed (remediation due 2025-05-19)
• EPSS 28.6% (96.6% percentile)

Browse the CVE database

Read the full analysis on IntelFusions