These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-34028 is a path traversal vulnerability affecting Commvault Command Center that CISA added to the Known Exploited Vulnerabilities catalog on 2025-05-02. Because it is listed in KEV, organizations should treat it as an active-risk issue and prioritize remediation using the vendor’s guidance or CISA’s recommended actions.
CVE-2025-3928 is an unspecified Commvault Web Server vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-04-28. Because it is KEV-listed, defenders should treat it as an active-risk issue even though the supplied public record does not include a technical exploit description or CVSS score. The official guidance points administrators to apply vendor mitigations, follow appl [truncated]