PT-2025-24632 · Undefined · Undefined
Published
2025-06-10
·
Updated
2025-06-10
·
CVE-2024-39992
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
CISA has just added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:
- Erlang OTP (CVE-2024-39992)
- OpenSSH (CVE-2024-39993)
- Roundcube Webmail (CVE-2024-39994)
These vulnerabilities are actively being exploited in the wild and must be patched by June 25, 2025, as per Binding Operational Directive (BOD) 22-01.
💡 While Roundcube and OpenSSH are fairly common, the inclusion of Erlang is a reminder that even niche runtime environments can be targets.
📌 If you're running any of these, double-check your patch status.
📉 Unpatched systems remain at risk for privilege escalation, data exfiltration, or remote code execution.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined