November 13, 2025 ASM Discovery Engine Release

Attack Surface Management Discovery Engine release v2025.11.13

This Attack Surface Management Discovery Engine release includes:

Vulnerability Checks

Added CVE-2025-2748 - Kentico CMS - Unauthenticated Stored XSS
Added CVE-2025-2746 and CVE-2025-2747 - Kentico CMS - Authentication bypass
Added version check for CVE-2025-49844 - Redis - Remote Code Execution
Added CVE-2025-24893 - XWiki Platform Remote Code Execution
Added CVE-2025-12480 - Gladinet Triofox Authentication Bypass
Added CVE-2025-11371 - Gladinet CentreStack Unauthenticated Local File Inclusion Vulnerability

Technology Fingerprints

Added XWiki technology fingerprint
Added Gladinet Centrestack technology fingerprint
Added Generic Model Context Protocol technology fingerprint
Fixed Imperva FlexProtect technology fingerprint
Fixed Oracle E-Business Suite technology fingerprint
Fixed Oracle Dynamic Monitoring Service technology fingerprint

© Copyright Mandiant. All rights reserved

First Published: November 13, 2025
Last updated: January 29, 2026

In This Article

Was This Article Helpful?

How would you rate this article?

Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.