CVE-2025-34028

Exploited in the Wild ✓ Confirmed 0-Day
Triaged: March 20, 2026 · 3 articles

EPSS Score

Source: FIRST.org · 2026-05-24
49.25% probability
This CVE has a 49.25% probability of being exploited in the next 30 days.
Top 97.8th percentile of all CVEs
CVSS score unavailable
Neither CIRCL nor NVD returned a CVSS score for this CVE.

Attack Intelligence

Exploits & PoC

watchtowrlabs/watchTowr-vs-Commvault-PreAuth-RCE-CVE-2025-34028

PoC CVE-2025-34028 — watchtowrlabs/watchTowr-vs-Commvault-PreAuth-RCE-CVE-2025-34028

21
Mattb709/CVE-2025-34028-PoC-Commvault-RCE

Proof-of-Concept (PoC) for CVE-2025-34028, a Remote Code Execution vulnerability in Commvault Command Center. This Python script scans single or multi

2
2 repos, sorted by ⭐

Signal Intelligence

Confidence: 92%
EPSS: 49.25%
Mentions: 3

CNA Information

Analyst Note

CVE-2025-34028 is explicitly listed in the CISA KEV catalog with active exploitation confirmed, as documented in the third article. The vulnerability affects Commvault Command Center with critical severity (CVSS 9.0). CISA added it to KEV approximately one week after disclosure, which strongly indicates in-the-wild exploitation before or shortly after patch availability.

Threat Actors 2

Rocke
apt_group 🇨🇳 CN
Mana Team
apt_group 🇨🇳 CN

Triage Info

Decided at: Mar 20, 2026