Libraseva urges users to patch now as it issues emergency fix following attacks

Libraseva urges users to patch now as it issues emergency fix following attacks




  • Libraesva patched CVE-2025-59689, a medium-severity remote command execution vulnerability
  • Attack exploited compressed email attachments; threat actor likely a hostile foreign state
  • Versions below 5.0 are unsupported and require manual upgrades to stay secure

Libraesva Email Security Gateway (ESG) has patched a medium-severity vulnerability apparently abused by state-sponsored threat actors to achieve remote command execution (RCE) capabilities on targeted endpoints.

In a security advisory, Libraesva announced addressing a command injection flaw which can be triggered by a malicious email with a specially crafted compressed attachment.



Source: Techradar

Leave a Reply

Your email address will not be published. Required fields are marked *