Known exploited
Smartbedded
CVE published 2025-10-02
CVE-2025-4008
CVE-2025-4008 is a Smartbedded Meteobridge command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-10-02. The available public record is limited, but the KEV listing means organizations should treat this as a known-exploited issue and move quickly to vendor-recommended mitigations or removal of the product if fixes are not available.