THREAT SENTINEL
Back to Dashboard
VulnerabilitiesCritical

CVE-2025-32432: Critical Code Injection in Craft CMS

Sunday, March 22, 2026
Global
NVD - National Vulnerability Database

Summary

A critical code injection vulnerability has been discovered in Craft CMS, allowing attackers to execute arbitrary code on vulnerable systems.

Threat Analysis

CVE-2025-32432 represents a severe security flaw in Craft CMS that enables remote code execution through code injection. This vulnerability affects multiple versions of the popular content management system and has been assigned a critical severity rating due to its ease of exploitation and potential impact. Organizations using Craft CMS should immediately apply available patches and review their systems for signs of compromise. The vulnerability could allow attackers to gain complete control over affected web applications, potentially leading to data theft, system manipulation, or further network penetration.

Last updated: Mar 22, 2026, 09:16 AM

Daily Intelligence

Stay Ahead of Threats

Subscribe to receive daily threat briefings delivered to your inbox. Be the first to know about emerging security risks.

No spamUnsubscribe anytimeDaily at 9 AM