Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
HPE Insight Remote Support
1012317* - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-53675)
JetBrains TeamCity
1012443 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-52879)
WSO2
1012342* - WSO2 API Manager Documentation Arbitrary File Upload Vulnerability
Web Application PHP Based
1012361* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2022-4068)
1012339* - WordPress 'WP Shortcodes' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2025-0370)
1012343* - WordPress 'WP Umbrella' Plugin Local File Inclusion Vulnerability (CVE-2024-12209)
Web Server HTTPS
1012445 - FreePBX SQL Injection Vulnerability (CVE-2025-57819)
Web Server SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011453* - Microsoft Windows WMI Events - 1
Deep Packet Inspection Rules:
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
HPE Insight Remote Support
1012317* - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-53675)
JetBrains TeamCity
1012443 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-52879)
WSO2
1012342* - WSO2 API Manager Documentation Arbitrary File Upload Vulnerability
Web Application PHP Based
1012361* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2022-4068)
1012339* - WordPress 'WP Shortcodes' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2025-0370)
1012343* - WordPress 'WP Umbrella' Plugin Local File Inclusion Vulnerability (CVE-2024-12209)
Web Server HTTPS
1012445 - FreePBX SQL Injection Vulnerability (CVE-2025-57819)
Web Server SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1011453* - Microsoft Windows WMI Events - 1
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Remote Desktop Protocol Server
1012383 - Identified RDS Local Resource Redirection Attempt
1012380 - Identified Suspicious File Transfer From RDP Redirect Drive
1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)
Unix Samba
1012437 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)
Web Application Common
1012352* - Pandora FMS Command Injection Vulnerability (CVE-2024-12971)
Web Application PHP Based
1012436 - WonderCMS Reflected Cross Site Scripting Vulnerability (CVE-2023-41425)
1012344* - WordPress 'Beautiful Taxonomy Filters' Plugin SQL Injection Vulnerability (CVE-2024-12270)
1012368* - WordPress 'WP Hotel Booking' Plugin SQL Injection Vulnerability (CVE-2023-5652)
1012347* - WordPress 'WP Load Gallery' Plugin Arbitrary File Upload Vulnerability (CVE-2025-23942)
Web Client Common
1012432 - Trend Micro Worry-Free Business Security Missing Authentication Vulnerability (CVE-2025-53378)
Web Server HTTPS
1012435 - ZendTo Directory Traversal Vulnerability (CVE-2025-34508)
Web Server SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
1012442 - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Windows Services RPC Client DCERPC
1012441 - Microsoft Windows NTLM Privilege Escalation Vulnerability (CVE-2025-54918)
pgAdmin
1012349* - pgAdmin Remote Code Execution Vulnerability (CVE-2025-2945)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Remote Desktop Protocol Server
1012383 - Identified RDS Local Resource Redirection Attempt
1012380 - Identified Suspicious File Transfer From RDP Redirect Drive
1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)
Unix Samba
1012437 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)
Web Application Common
1012352* - Pandora FMS Command Injection Vulnerability (CVE-2024-12971)
Web Application PHP Based
1012436 - WonderCMS Reflected Cross Site Scripting Vulnerability (CVE-2023-41425)
1012344* - WordPress 'Beautiful Taxonomy Filters' Plugin SQL Injection Vulnerability (CVE-2024-12270)
1012368* - WordPress 'WP Hotel Booking' Plugin SQL Injection Vulnerability (CVE-2023-5652)
1012347* - WordPress 'WP Load Gallery' Plugin Arbitrary File Upload Vulnerability (CVE-2025-23942)
Web Client Common
1012432 - Trend Micro Worry-Free Business Security Missing Authentication Vulnerability (CVE-2025-53378)
Web Server HTTPS
1012435 - ZendTo Directory Traversal Vulnerability (CVE-2025-34508)
Web Server SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
1012442 - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Windows Services RPC Client DCERPC
1012441 - Microsoft Windows NTLM Privilege Escalation Vulnerability (CVE-2025-54918)
pgAdmin
1012349* - pgAdmin Remote Code Execution Vulnerability (CVE-2025-2945)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Ivanti Endpoint Manager
1012253* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32848 and CVE-2024-13162)
OneDev Server
1012270* - OneDev Arbitrary File Read Vulnerability (CVE-2024-45309)
OpenSSL
1012310* - OpenSSL Denial of Service Vulnerability (CVE-2024-6119) - Server
Unix RSync
1012430 - Rsync Information Disclosure Vulnerability (CVE-2024-12085)
Web Application PHP Based
1012308* - WordPress 'Hunk Companion' Plugin Broken Access Control Vulnerability (CVE-2024-11972)
1012431 - WordPress 'WPvivid Backup' Plugin Arbitrary File Upload Vulnerability (CVE-2025-5961)
Web Server Miscellaneous
1012315* - Zimbra Collaboration SQL Injection Vulnerability (CVE-2025-25064)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1004057* - Microsoft Windows Security Events - 1
Deep Packet Inspection Rules:
Ivanti Endpoint Manager
1012253* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32848 and CVE-2024-13162)
OneDev Server
1012270* - OneDev Arbitrary File Read Vulnerability (CVE-2024-45309)
OpenSSL
1012310* - OpenSSL Denial of Service Vulnerability (CVE-2024-6119) - Server
Unix RSync
1012430 - Rsync Information Disclosure Vulnerability (CVE-2024-12085)
Web Application PHP Based
1012308* - WordPress 'Hunk Companion' Plugin Broken Access Control Vulnerability (CVE-2024-11972)
1012431 - WordPress 'WPvivid Backup' Plugin Arbitrary File Upload Vulnerability (CVE-2025-5961)
Web Server Miscellaneous
1012315* - Zimbra Collaboration SQL Injection Vulnerability (CVE-2025-25064)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1004057* - Microsoft Windows Security Events - 1
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Adobe Experience Manager
1012427 - Adobe Experience Manager Remote Code Execution Vulnerability (CVE-2025-54253)
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
GhostCMS
1012434 - Ghost CMS Directory Traversal Vulnerability (CVE-2023-32235)
Ivanti Endpoint Manager
1012345* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)
JetBrains TeamCity
1012429 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)
Mail Server Common
1012173* - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Web Application PHP Based
1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)
Web Application Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)
Web Server HTTPS
1012353* - Cacti SQL Injection Vulnerability (CVE-2024-54146)
1012233* - WordPress 'FundEngine Donation and Crowdfunding Platform' SQL Injection Vulnerability (CVE-2022-0788)
1012320* - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012223* - WordPress Core Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-31210)
1012365* - Zabbix SQL Injection Vulnerability (CVE-2024-36465)
Web Server Nagios
1012329* - Nagios XI SQL Injection Vulnerability (CVE-2023-48084)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1012433 - Group Managed Service Account Password Access Attempt
1002795* - Microsoft Windows Events
Deep Packet Inspection Rules:
Adobe Experience Manager
1012427 - Adobe Experience Manager Remote Code Execution Vulnerability (CVE-2025-54253)
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
GhostCMS
1012434 - Ghost CMS Directory Traversal Vulnerability (CVE-2023-32235)
Ivanti Endpoint Manager
1012345* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)
JetBrains TeamCity
1012429 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)
Mail Server Common
1012173* - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Web Application PHP Based
1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)
Web Application Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)
Web Server HTTPS
1012353* - Cacti SQL Injection Vulnerability (CVE-2024-54146)
1012233* - WordPress 'FundEngine Donation and Crowdfunding Platform' SQL Injection Vulnerability (CVE-2022-0788)
1012320* - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012223* - WordPress Core Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-31210)
1012365* - Zabbix SQL Injection Vulnerability (CVE-2024-36465)
Web Server Nagios
1012329* - Nagios XI SQL Injection Vulnerability (CVE-2023-48084)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1012433 - Group Managed Service Account Password Access Attempt
1002795* - Microsoft Windows Events
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
FTP Server IIS
1012386 - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-45711)
Ivanti Endpoint Manager
1012214* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32847 and CVE-2024-37376)
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012213* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32841)
JetBrains TeamCity
1012420 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52877)
Splunk API
1012422 - Splunk Enterprise Reflected Cross-Site Scripting Vulnerability (CVE-2025-20297)
Trend Micro OfficeScan
1012202* - Trend Micro Apex One SQL Injection Vulnerability (CVE-2024-39753)
Web Application PHP Based
1012416 - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)
1012428 - WordPress 'Web Directory Free' Plugin SQL Injection Vulnerability (CVE-2024-3552)
Web Client HTTPS
1012419 - Microsoft Windows Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)
Web Server Adobe ColdFusion
1012414 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-43562)
Web Server HTTPS
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
FTP Server IIS
1012386 - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-45711)
Ivanti Endpoint Manager
1012214* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32847 and CVE-2024-37376)
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012213* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32841)
JetBrains TeamCity
1012420 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52877)
Splunk API
1012422 - Splunk Enterprise Reflected Cross-Site Scripting Vulnerability (CVE-2025-20297)
Trend Micro OfficeScan
1012202* - Trend Micro Apex One SQL Injection Vulnerability (CVE-2024-39753)
Web Application PHP Based
1012416 - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)
1012428 - WordPress 'Web Directory Free' Plugin SQL Injection Vulnerability (CVE-2024-3552)
Web Client HTTPS
1012419 - Microsoft Windows Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)
Web Server Adobe ColdFusion
1012414 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-43562)
Web Server HTTPS
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Kubernetes Ingress-Nginx Controller
1012367* - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities
Mail Server Postfix
1012235* - Zimbra Collaboration Command Injection Vulnerability (CVE-2024-45519)
Progress WhatsUp Gold
1012242* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46906)
Redis Server
1012413 - Redis Out of Bound Write Vulnerability (CVE-2025-32023)
Trend Micro OfficeScan
1012421 - Trend Micro Apex One Command Injection Vulnerability (CVE-2025-54948 and CVE-2025-54987)
Web Application PHP Based
1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)
Web Client HTTPS
1012418 - MCP-Remote Command Injection Vulnerability (CVE-2025-6514)
Web Server HTTPS
1012241* - Cacti Stored Cross-Site Scripting Vulnerabilities (CVE-2024-43364 and CVE-2024-43365)
1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
Web Server SharePoint
1012423 - Microsoft SharePoint Server Denial-of-Service Vulnerability (ZDI-CAN-25207)
1012424 - Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability (ZDI-CAN-24831)
Windows Services RPC Client DCERPC
1012425 - Microsoft Windows NTLM Elevation Of Privilege Vulnerability (CVE-2025-53778)
Integrity Monitoring Rules:
1002770* - Linux/Unix - File attributes in the /usr/bin and /usr/sbin directories modified
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Deep Packet Inspection Rules:
Kubernetes Ingress-Nginx Controller
1012367* - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities
Mail Server Postfix
1012235* - Zimbra Collaboration Command Injection Vulnerability (CVE-2024-45519)
Progress WhatsUp Gold
1012242* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46906)
Redis Server
1012413 - Redis Out of Bound Write Vulnerability (CVE-2025-32023)
Trend Micro OfficeScan
1012421 - Trend Micro Apex One Command Injection Vulnerability (CVE-2025-54948 and CVE-2025-54987)
Web Application PHP Based
1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)
Web Client HTTPS
1012418 - MCP-Remote Command Injection Vulnerability (CVE-2025-6514)
Web Server HTTPS
1012241* - Cacti Stored Cross-Site Scripting Vulnerabilities (CVE-2024-43364 and CVE-2024-43365)
1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
Web Server SharePoint
1012423 - Microsoft SharePoint Server Denial-of-Service Vulnerability (ZDI-CAN-25207)
1012424 - Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability (ZDI-CAN-24831)
Windows Services RPC Client DCERPC
1012425 - Microsoft Windows NTLM Elevation Of Privilege Vulnerability (CVE-2025-53778)
Integrity Monitoring Rules:
1002770* - Linux/Unix - File attributes in the /usr/bin and /usr/sbin directories modified
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HPE Insight Remote Support
1012304* - HPE Insight Remote Support Directory Traversal Vulnerability (CVE-2024-53676)
Ivanti Avalanche
1012411 - Ivanti Avalanche Enterprise Service Arbitrary File Upload Vulnerability (CVE-2021-42125)
Progress WhatsUp Gold
1012237* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46905)
SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Multiple Deserialization Remote Code Execution Vulnerabilities (CVE-2024-28986 and CVE-2024-28988)
Unix Samba
1012409 - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2025-37778)
Web Application PHP Based
1012307* - WordPress 'Tutor LMS' Plugin SQL Injection Vulnerability (CVE-2024-10400)
1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)
Web Server Adobe ColdFusion
1012405 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49541)
1012407 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49542)
1012406 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49543)
Windows SMB Server
1012394* - Microsoft Windows NEGOEX Remote Code Execution Vulnerability (CVE-2025-47981)
Wing FTP Server
1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HPE Insight Remote Support
1012304* - HPE Insight Remote Support Directory Traversal Vulnerability (CVE-2024-53676)
Ivanti Avalanche
1012411 - Ivanti Avalanche Enterprise Service Arbitrary File Upload Vulnerability (CVE-2021-42125)
Progress WhatsUp Gold
1012237* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46905)
SolarWinds Dameware Web Help Desk
1012127* - SolarWinds Dameware Web Help Desk Multiple Deserialization Remote Code Execution Vulnerabilities (CVE-2024-28986 and CVE-2024-28988)
Unix Samba
1012409 - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2025-37778)
Web Application PHP Based
1012307* - WordPress 'Tutor LMS' Plugin SQL Injection Vulnerability (CVE-2024-10400)
1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)
Web Server Adobe ColdFusion
1012405 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49541)
1012407 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49542)
1012406 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49543)
Windows SMB Server
1012394* - Microsoft Windows NEGOEX Remote Code Execution Vulnerability (CVE-2025-47981)
Wing FTP Server
1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
PaperCut
1012415 - PaperCut NG and MF Cross-Site Request Forgery Vulnerability (CVE-2023-2533)
Progress WhatsUp Gold
1012239* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46907)
Web Application PHP Based
1012401 - WordPress 'Depicter' Plugin SQL Injection Vulnerability (CVE-2025-2011)
1012301* - WordPress 'Quiz Maker' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-2571)
Web Server Adobe ColdFusion
1012408 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-49537)
1012404* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server Common
1012412 - Bypass Network Scanner Traffic - XFF
Web Server HTTPS
1012354* - Craft CMS Remote Code Execution Vulnerability (CVE-2025-32432)
1012292* - Zabbix SQL Injection Vulnerability (CVE-2024-42327)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
CyberPanel
1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
PaperCut
1012415 - PaperCut NG and MF Cross-Site Request Forgery Vulnerability (CVE-2023-2533)
Progress WhatsUp Gold
1012239* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46907)
Web Application PHP Based
1012401 - WordPress 'Depicter' Plugin SQL Injection Vulnerability (CVE-2025-2011)
1012301* - WordPress 'Quiz Maker' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-2571)
Web Server Adobe ColdFusion
1012408 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-49537)
1012404* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server Common
1012412 - Bypass Network Scanner Traffic - XFF
Web Server HTTPS
1012354* - Craft CMS Remote Code Execution Vulnerability (CVE-2025-32432)
1012292* - Zabbix SQL Injection Vulnerability (CVE-2024-42327)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012403 - Microsoft Windows SMB Client Elevation Of Privilege Vulnerability (CVE-2025-33073)
Directory Server LDAP
1012240* - Microsoft Windows Active Directory Denial of Service Vulnerability (CVE-2024-49113)
HPE Insight Remote Support
1012389 - HPE Insight Remote Support Directory Traversal Vulnerability (CVE-2025-37098)
Ivanti Avalanche
1012296* - Ivanti Avalanche Path Traversal Vulnerability (CVE-2024-13179)
Progress WhatsUp Gold
1012287* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-12105)
1012236* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46908)
Web Application Common
1012290* - Pandora FMS Command Injection Vulnerability (CVE-2024-11320)
Web Application PHP Based
1012395 - WordPress 'HTML5 Video Player' Plugin SQL Injection Vulnerability (CVE-2024-1061)
1012400 - WordPress 'Kubio AI Page Builder' Plugin Local File Inclusion Vulnerability (CVE-2025-2294)
Web Client Common
1012379* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2025-33053)
Web Server SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
Wing FTP Server
1012410 - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1012403 - Microsoft Windows SMB Client Elevation Of Privilege Vulnerability (CVE-2025-33073)
Directory Server LDAP
1012240* - Microsoft Windows Active Directory Denial of Service Vulnerability (CVE-2024-49113)
HPE Insight Remote Support
1012389 - HPE Insight Remote Support Directory Traversal Vulnerability (CVE-2025-37098)
Ivanti Avalanche
1012296* - Ivanti Avalanche Path Traversal Vulnerability (CVE-2024-13179)
Progress WhatsUp Gold
1012287* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-12105)
1012236* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46908)
Web Application Common
1012290* - Pandora FMS Command Injection Vulnerability (CVE-2024-11320)
Web Application PHP Based
1012395 - WordPress 'HTML5 Video Player' Plugin SQL Injection Vulnerability (CVE-2024-1061)
1012400 - WordPress 'Kubio AI Page Builder' Plugin Local File Inclusion Vulnerability (CVE-2025-2294)
Web Client Common
1012379* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2025-33053)
Web Server SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
Wing FTP Server
1012410 - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
1005153* - Print Spooler Service Format String Vulnerability (CVE-2012-1851) II
DNS Client
1008571* - DNS Request To ShadowPad Domain Detection
Kubernetes Ingress-Nginx Controller
1012367 - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities
Redis Server
1012286* - Redis Use After Free Vulnerability (CVE-2024-46981)
Solr Service
1012280* - Apache Solr Authentication Bypass Vulnerability (CVE-2024-45216)
Web Application PHP Based
1012277* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-53457)
1012265* - WordPress 'White Label CMS' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0422)
Web Client HTTPS
1010132* - Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) - 1
Web Server Adobe ColdFusion
1012404 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server Adobe ColdFusion AddOns
1012402 - Adobe ColdFusion XML External Entity Injection Vulnerability (CVE-2025-49538)
Web Server HTTPS
1012284* - Apache Traffic Control SQL Injection Vulnerability (CVE-2024-45387)
Web Server Miscellaneous
1008207* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)
1012398 - XWiki SQL Injection Vulnerability (CVE-2025-32969)
Windows Services RPC Client DCERPC
1012178* - Identified Windows DCERPC AUTH LEVEL CONNECT Windows Remote Registry Request
Windows Services RPC Server DCERPC
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)
Zoho ManageEngine ADSelfService Plus
1012393 - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
1005153* - Print Spooler Service Format String Vulnerability (CVE-2012-1851) II
DNS Client
1008571* - DNS Request To ShadowPad Domain Detection
Kubernetes Ingress-Nginx Controller
1012367 - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities
Redis Server
1012286* - Redis Use After Free Vulnerability (CVE-2024-46981)
Solr Service
1012280* - Apache Solr Authentication Bypass Vulnerability (CVE-2024-45216)
Web Application PHP Based
1012277* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-53457)
1012265* - WordPress 'White Label CMS' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0422)
Web Client HTTPS
1010132* - Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) - 1
Web Server Adobe ColdFusion
1012404 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server Adobe ColdFusion AddOns
1012402 - Adobe ColdFusion XML External Entity Injection Vulnerability (CVE-2025-49538)
Web Server HTTPS
1012284* - Apache Traffic Control SQL Injection Vulnerability (CVE-2024-45387)
Web Server Miscellaneous
1008207* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)
1012398 - XWiki SQL Injection Vulnerability (CVE-2025-32969)
Windows Services RPC Client DCERPC
1012178* - Identified Windows DCERPC AUTH LEVEL CONNECT Windows Remote Registry Request
Windows Services RPC Server DCERPC
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)
Zoho ManageEngine ADSelfService Plus
1012393 - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.