Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012392* - Apache OFBiz Stored Cross-Site Scripting Vulnerability (CVE-2025-30676)
JetBrains TeamCity
1012420* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52877)
Telnet Server
1012523 - Telnetd GNU InetUtils Authentication Bypass Vulnerability (CVE-2026-24061)
Web Server Adobe ColdFusion
1012509 - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-43566)
Web Server HTTPS
1012518 - Bagisto Server-Side Template Injection Vulnerability (CVE-2026-21450)
Zimbra Admin Console Ports
1012503 - Zimbra Collaboration Denial of Service Vulnerability (CVE-2025-53645)
Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1012517 - Zoho ManageEngine Analytics Plus SQL Injection Vulnerability (CVE-2025-9428)
n8n
1012513 - n8n Remote Code Execution Vulnerability (CVE-2025-68613)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012392* - Apache OFBiz Stored Cross-Site Scripting Vulnerability (CVE-2025-30676)
JetBrains TeamCity
1012420* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52877)
Telnet Server
1012523 - Telnetd GNU InetUtils Authentication Bypass Vulnerability (CVE-2026-24061)
Web Server Adobe ColdFusion
1012509 - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-43566)
Web Server HTTPS
1012518 - Bagisto Server-Side Template Injection Vulnerability (CVE-2026-21450)
Zimbra Admin Console Ports
1012503 - Zimbra Collaboration Denial of Service Vulnerability (CVE-2025-53645)
Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1012517 - Zoho ManageEngine Analytics Plus SQL Injection Vulnerability (CVE-2025-9428)
n8n
1012513 - n8n Remote Code Execution Vulnerability (CVE-2025-68613)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012451* - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 1
1012452* - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 2
Web Server Adobe ColdFusion
1012414* - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-43562)
1012408* - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-49537)
1012407* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49542)
Web Server Apache Tika
1012514 - Apache Tika XML External Entity Vulnerability (CVE-2025-66516)
Web Server HTTPS
1012515 - GeoServer XML External Entity Vulnerability (CVE-2025-58360)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1012451* - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 1
1012452* - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 2
Web Server Adobe ColdFusion
1012414* - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-43562)
1012408* - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-49537)
1012407* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49542)
Web Server Apache Tika
1012514 - Apache Tika XML External Entity Vulnerability (CVE-2025-66516)
Web Server HTTPS
1012515 - GeoServer XML External Entity Vulnerability (CVE-2025-58360)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Adobe ColdFusion Central Config Server
1012491 - Adobe ColdFusion Directory Traversal Vulnerabilities (CVE-2025-61812 and CVE-2025-61822)
DCERPC Services - Client
1009058* - Detected Server Message Block (SMB) Outgoing Request
Flowise
1012507 - Flowise Command Injection Vulnerability (CVE-2025-8943)
React Server
1012511 - React Server Denial of Service Vulnerability (CVE-2025-55184)
1012512 - React Server Information Leak Vulnerability (CVE-2025-55183)
Unix Samba
1012409* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2025-37778)
Veeam Backup and Replication
1012501 - Veeam Backup and Replication Credential Disclosure Vulnerability (CVE-2023-27532)
Web Application Ruby Based
1012492* - Grafana Open Redirect Vulnerability (CVE-2025-6197)
Web Server HTTPS
1012435* - ZendTo Directory Traversal Vulnerability (CVE-2025-34508)
Webmin
1012479 - Webmin Cross-Site Scripting Vulnerability (CVE-2020-8821)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Adobe ColdFusion Central Config Server
1012491 - Adobe ColdFusion Directory Traversal Vulnerabilities (CVE-2025-61812 and CVE-2025-61822)
DCERPC Services - Client
1009058* - Detected Server Message Block (SMB) Outgoing Request
Flowise
1012507 - Flowise Command Injection Vulnerability (CVE-2025-8943)
React Server
1012511 - React Server Denial of Service Vulnerability (CVE-2025-55184)
1012512 - React Server Information Leak Vulnerability (CVE-2025-55183)
Unix Samba
1012409* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2025-37778)
Veeam Backup and Replication
1012501 - Veeam Backup and Replication Credential Disclosure Vulnerability (CVE-2023-27532)
Web Application Ruby Based
1012492* - Grafana Open Redirect Vulnerability (CVE-2025-6197)
Web Server HTTPS
1012435* - ZendTo Directory Traversal Vulnerability (CVE-2025-34508)
Webmin
1012479 - Webmin Cross-Site Scripting Vulnerability (CVE-2020-8821)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Kylin
1012500 - Apache Kylin Arbitrary File Read Vulnerability (CVE-2025-61734)
CyberPanel
1012377* - CyberPanel Command Injection Vulnerability (CVE-2024-51568)
Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
Progress WhatsUp Gold WCF service
1012117* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-4883 & CVE-2024-46909)
Unix Samba
1012437* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)
Web Application PHP Based
1012475 - WordPress 'Events Manager' Plugin SQL Injection Vulnerability (CVE-2025-6970)
1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability
1009168* - WordPress Authenticated Arbitrary File Deletion Vulnerability (CVE-2018-12895)
1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)
1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
1009544* - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)
1008140* - WordPress REST API Unauthenticated Content Injection Vulnerability
1008411* - WordPress Tracking Code Manager Plugin Denial Of Service Vulnerability
1006436* - WordPress WP Symposium Shell Upload Vulnerability
1006467* - Wordpress XML-RPC Pingback gethostbyname Heap-based Buffer Overflow Vulnerability
1006242* - Wordpress XML-RPC XML Denial Of Service Vulnerability
Web Server HTTPS
1012384* - Roundcube Webmail Insecure Deserialization Vulnerability (CVE-2025-49113)
1012508 - WordPress 'AI Engine' Plugin Sensitive Information Exposure Vulnerability (CVE-2025-11749)
1012502 - WordPress 'Sneeit Framework' Plugin Remote Code Execution Vulnerability (CVE-2025-6389)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Kylin
1012500 - Apache Kylin Arbitrary File Read Vulnerability (CVE-2025-61734)
CyberPanel
1012377* - CyberPanel Command Injection Vulnerability (CVE-2024-51568)
Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
Progress WhatsUp Gold WCF service
1012117* - Progress WhatsUp Gold Directory Traversal Vulnerability (CVE-2024-4883 & CVE-2024-46909)
Unix Samba
1012437* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)
Web Application PHP Based
1012475 - WordPress 'Events Manager' Plugin SQL Injection Vulnerability (CVE-2025-6970)
1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability
1009168* - WordPress Authenticated Arbitrary File Deletion Vulnerability (CVE-2018-12895)
1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)
1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
1009544* - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)
1008140* - WordPress REST API Unauthenticated Content Injection Vulnerability
1008411* - WordPress Tracking Code Manager Plugin Denial Of Service Vulnerability
1006436* - WordPress WP Symposium Shell Upload Vulnerability
1006467* - Wordpress XML-RPC Pingback gethostbyname Heap-based Buffer Overflow Vulnerability
1006242* - Wordpress XML-RPC XML Denial Of Service Vulnerability
Web Server HTTPS
1012384* - Roundcube Webmail Insecure Deserialization Vulnerability (CVE-2025-49113)
1012508 - WordPress 'AI Engine' Plugin Sensitive Information Exposure Vulnerability (CVE-2025-11749)
1012502 - WordPress 'Sneeit Framework' Plugin Remote Code Execution Vulnerability (CVE-2025-6389)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Kylin
1012483* - Apache Kylin Authentication Bypass Vulnerability (CVE-2025-61733)
React Server
1012506 - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 3
Web Application Common
1012505 - Identified Suspicious PHP Command Injection Attack in URI
Web Application Ruby Based
1012438 - Grafana Open Redirect Vulnerability (CVE-2025-4123)
Web Server HTTPS
1012489* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012469* - WordPress 'Everest Forms' Plugin Unrestricted File Upload Vulnerability (CVE-2025-1128)
Web Server Miscellaneous
1012303* - XWiki Code Injection Vulnerability (CVE-2025-24893)
Zoho ManageEngine ADAuditPlus
1012467* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Kylin
1012483* - Apache Kylin Authentication Bypass Vulnerability (CVE-2025-61733)
React Server
1012506 - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 3
Web Application Common
1012505 - Identified Suspicious PHP Command Injection Attack in URI
Web Application Ruby Based
1012438 - Grafana Open Redirect Vulnerability (CVE-2025-4123)
Web Server HTTPS
1012489* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012469* - WordPress 'Everest Forms' Plugin Unrestricted File Upload Vulnerability (CVE-2025-1128)
Web Server Miscellaneous
1012303* - XWiki Code Injection Vulnerability (CVE-2025-24893)
Zoho ManageEngine ADAuditPlus
1012467* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
React Server
1012499 - Identified Suspicious React Gadgets
SAP NetWeaver Java Application Server
1012455* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)
Unix Samba
1012454* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)
Web Server HTTPS
1012489 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012453* - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server IIS
1012484 - Microsoft Windows ASP.NET HTTP Request Smuggling Vulnerability (CVE-2025-55315)
Web Server Miscellaneous
1012030* - XWiki Code Injection Vulnerability (CVE-2024-31982)
Web Server SharePoint
1012442* - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
React Server
1012499 - Identified Suspicious React Gadgets
SAP NetWeaver Java Application Server
1012455* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)
Unix Samba
1012454* - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)
Web Server HTTPS
1012489 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-62411)
1012453* - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server IIS
1012484 - Microsoft Windows ASP.NET HTTP Request Smuggling Vulnerability (CVE-2025-55315)
Web Server Miscellaneous
1012030* - XWiki Code Injection Vulnerability (CVE-2024-31982)
Web Server SharePoint
1012442* - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
JetBrains TeamCity
1012470* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)
Network Scanner
1008800* - Bypass Network Scanner Traffic
React Server
1012497* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 1
1012494* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 2
TFTP Client Decoder
1003526* - Enable TFTP Decoder
Web Application Ruby Based
1012492 - Grafana Open Redirect Vulnerability (CVE-2025-6197)
Web Client Common
1004715* - HTTP Web Client Decoding
Web Server Common
1012412* - Bypass Network Scanner Traffic - XFF
1012495 - DataEase Server-Side Request Forgery Vulnerability (CVE-2025-64163)
1000128* - HTTP Protocol Decoding
Web Server HTTPS
1012496 - Fairsketch Rise Ultimate Project Manager and CRM HTML Injection Vulnerability (CVE-2025-60378)
Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder
Zoho ManageEngine ADAuditPlus
1012468* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-3836)
dotCMS
1012471* - dotCMS SQL Injection Vulnerability (CVE-2025-8311)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
JetBrains TeamCity
1012470* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)
Network Scanner
1008800* - Bypass Network Scanner Traffic
React Server
1012497* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 1
1012494* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 2
TFTP Client Decoder
1003526* - Enable TFTP Decoder
Web Application Ruby Based
1012492 - Grafana Open Redirect Vulnerability (CVE-2025-6197)
Web Client Common
1004715* - HTTP Web Client Decoding
Web Server Common
1012412* - Bypass Network Scanner Traffic - XFF
1012495 - DataEase Server-Side Request Forgery Vulnerability (CVE-2025-64163)
1000128* - HTTP Protocol Decoding
Web Server HTTPS
1012496 - Fairsketch Rise Ultimate Project Manager and CRM HTML Injection Vulnerability (CVE-2025-60378)
Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder
Zoho ManageEngine ADAuditPlus
1012468* - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-3836)
dotCMS
1012471* - dotCMS SQL Injection Vulnerability (CVE-2025-8311)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
React Server
1012497 - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 1
1012494* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 2
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
React Server
1012497 - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 1
1012494* - React Server Remote Code Execution Vulnerability (CVE-2025-55182 and CVE-2025-66478) - 2
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
React Server
1012494 - React Server Remote Code Execution Vulnerability (CVE-2025-55182)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
React Server
1012494 - React Server Remote Code Execution Vulnerability (CVE-2025-55182)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012377* - CyberPanel Command Injection Vulnerability (CVE-2024-51568)
Ivanti Endpoint Manager
1012346* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 3
NodeBB
1012378* - NodeBB Stored Cross-Site Scripting Vulnerability (CVE-2025-29513)
Solr Service
1012493 - Apache Solr Information Disclosure Vulnerability (CVE-2023-50291)
Web Server HTTPS
1012372* - Trend Micro Apex Central Local File Inclusion Vulnerability (CVE-2025-47867)
1012490 - WordPress 'Post SMTP' Plugin Authentication Bypass Vulnerability (CVE-2025-11833)
Windows SMB Server
1012394* - Microsoft Windows NEGOEX Remote Code Execution Vulnerability (CVE-2025-47981)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
CyberPanel
1012377* - CyberPanel Command Injection Vulnerability (CVE-2024-51568)
Ivanti Endpoint Manager
1012346* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 3
NodeBB
1012378* - NodeBB Stored Cross-Site Scripting Vulnerability (CVE-2025-29513)
Solr Service
1012493 - Apache Solr Information Disclosure Vulnerability (CVE-2023-50291)
Web Server HTTPS
1012372* - Trend Micro Apex Central Local File Inclusion Vulnerability (CVE-2025-47867)
1012490 - WordPress 'Post SMTP' Plugin Authentication Bypass Vulnerability (CVE-2025-11833)
Windows SMB Server
1012394* - Microsoft Windows NEGOEX Remote Code Execution Vulnerability (CVE-2025-47981)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.