December 15, 2025

Summary

Rapid Response

The Censys Rapid Response team published information about and queries for the following issue.

New fingerprints

Added the following fingerprints.

TypeNameDescriptionQuery
softwaren8n ServerThis is a n8n Server, an open-source workflow automation platform with AI integration.Platform query
softwareApache TikaThis is an Apache Tika Server, a content analysis toolkit.Platform query
riskVulnerable Ivanti Endpoint Manager [CVE-2025-10573]This is a service running a version of Ivanti Endpoint Manager vulnerable to CVE-2025-10573, a critical Stored Cross-Site Scripting (XSS) vulnerability that allows a remote unauthenticated attacker to execute JavaScript in the context of an administrator's browser session, potentially leading to session hijacking and unauthorized administrative actions.ASM query:
risks.name: `Vulnerable Ivanti Endpoint Manager [CVE-2025-10573]`
riskVulnerable Fortinet Products [CVE-2025-59718, CVE-2025-59719]This is a Fortinet FortiOS device running a version that is vulnerable to CVE-2025-59718 and CVE-2025-59719, an Improper Verification of Cryptographic Signature vulnerability [CWE-347] that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message, if that feature is enabled on the device.ASM query:
risks.name: `Vulnerable Fortinet Products [CVE-2025-59718, CVE-2025-59719]`