25-042 (October 14, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Gogs
1012334* - Gogs Arbitrary File Delete Vulnerability (CVE-2024-39931)
1012331* - Gogs Path Traversal Vulnerability (CVE-2024-55947)


HPE Insight Remote Support Client
1012323* - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-11622)


JetBrains TeamCity
1012466 - JetBrains TeamCity Directory Traversal Vulnerability (CVE-2025-59456)


SimpleHelp Server
1012326* - SimpleHelp Directory Traversal Vulnerability (CVE-2024-57727)


SolarWinds Dameware Web Help Desk
1012463 - SolarWinds Web Help Desk Insecure Deserialization Vulnerability (CVE-2025-26399)


Web Server HTTPS
1012461 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-55296)
1012465 - Sitecore Experience Manager and Platform Authentication Bypass Vulnerability (CVE-2025-34509)


Web Server Nagios
1012275* - Nagios XI 'windows-winrm.inc.php' Command Injection Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.