PatchSiren cyber security CVE debrief
CVE-2025-59689 Libraesva CVE debrief
CVE-2025-59689 is a command injection vulnerability affecting Libraesva Email Security Gateway. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-09-29, which makes this an urgent remediation item for any organization using the product. The supplied corpus does not provide deeper technical detail beyond the command-injection classification, so response should focus on vendor-directed mitigation and CISA’s remediation deadline of 2025-10-20.
- Vendor: Libraesva
- Product: Email Security Gateway
- CVSS: Unknown
- CISA KEV: Listed
- Original CVE published: 2025-09-29
- Original CVE updated: 2025-09-29
- Advisory published: 2025-09-29
- Advisory updated: 2025-09-29
Who should care
Security teams, email security administrators, vulnerability management, and incident response staff at organizations running Libraesva Email Security Gateway should treat this as high priority. Cloud and hosted-service operators using the product should also confirm whether vendor mitigations are available and whether CISA BOD 22-01-style remediation deadlines apply in their environment.
Technical summary
The available source material identifies CVE-2025-59689 as a command injection flaw in Libraesva Email Security Gateway. CISA’s KEV entry (dated 2025-09-29) indicates the vulnerability is considered actively exploited or otherwise sufficiently urgent to require remediation by 2025-10-20. No CVSS score, version scope, exploit mechanism, or patch details were included in the supplied corpus.
Defensive priority
Urgent. Because this CVE is listed in CISA KEV, remediation should be prioritized immediately and completed by the CISA due date of 2025-10-20, or the product should be removed from service if mitigations are unavailable.
Recommended defensive actions
- Inventory all Libraesva Email Security Gateway instances, including hosted and on-premises deployments.
- Apply the vendor’s mitigations or remediation steps as directed in the official Libraesva security advisory.
- If mitigations are not available or cannot be applied, follow CISA guidance to discontinue use of the product.
- Track progress against the CISA KEV due date of 2025-10-20 and escalate overdue systems.
- Increase monitoring for the gateway during remediation and verify that administrative access is tightly controlled.
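The inventory and deadline-tracking steps above can be scripted. The following is an added example, not part of the original debrief or any vendor tooling: it uses the KEV field names and dates quoted on this page, while the inventory hosts, the state labels and the function names are constructed assumptions.

```python
from datetime import date

# KEV record fields as named in the CISA KEV feed; values are from this page.
KEV_RECORD = {
    "cveID": "CVE-2025-59689",
    "vendorProject": "Libraesva",
    "product": "Email Security Gateway",
    "dateAdded": "2025-09-29",
    "dueDate": "2025-10-20",
}

# Constructed inventory: hostnames and states are made up for illustration.
INVENTORY = [
    {"host": "esg-01.example.internal", "product": "Email Security Gateway", "state": "remediated"},
    {"host": "esg-02.example.internal", "product": "Email Security Gateway", "state": "open"},
    {"host": "esg-hosted.example.internal", "product": "email security gateway", "state": "decommissioned"},
    {"host": "mail-relay.example.internal", "product": "Other MTA", "state": "open"},
]

# Assumed state labels; anything else (including unknown values) counts as open.
CLOSED_STATES = {"remediated", "decommissioned"}


def kev_status(record, inventory, today):
    """Return one row per affected asset with its status against the KEV due date."""
    due = date.fromisoformat(record["dueDate"])
    days_left = (due - today).days
    rows = []
    for asset in inventory:
        if asset["product"].casefold() != record["product"].casefold():
            continue  # not the product named in the KEV record
        if asset["state"] in CLOSED_STATES:
            status = "closed"
        elif days_left < 0:
            status = "overdue"
        else:
            status = "open"
        rows.append({"host": asset["host"], "status": status, "days_left": days_left})
    return rows


def needs_escalation(rows):
    """Hosts still unremediated after the due date has passed."""
    return [r["host"] for r in rows if r["status"] == "overdue"]


if __name__ == "__main__":
    for row in kev_status(KEV_RECORD, INVENTORY, date.today()):
        print(f'{KEV_RECORD["cveID"]} {row["host"]}: {row["status"]} ({row["days_left"]} days to due date)')
```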
Evidence notes
The supplied CISA KEV record names the issue 'Libraesva Email Security Gateway Command Injection Vulnerability,' lists vendorProject Libraesva and product Email Security Gateway, and marks dateAdded as 2025-09-29 with dueDate 2025-10-20. The same metadata references the official Libraesva advisory and the NVD detail page. No CVSS score was provided in the corpus, so prioritization here is driven by KEV status and the remediation deadline.
Official resources
- CVE-2025-59689 CVE record (CVE.org)
- CVE-2025-59689 NVD detail (NVD)
- CISA Known Exploited Vulnerabilities catalog (CISA): Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Source item URL: cisa_kev
This debrief is based only on the supplied CISA KEV record and official CVE/NVD links. CVE timing is taken from the CVE and source dates provided (2025-09-29); PatchSiren generation time was not used as the issue date.