Rapid responses

runZero’s Rapid Response program provides immediate detection and notification of emerging threats. Each Rapid Response includes a query to find matching assets, a trigger to analyze all inventories for exposure, and a corresponding blog post with the details of the issue. This program focuses on helping customers mitigate exposures before compromise.

Vulnerabilities covered by the Rapid Response program are replaced by more specific coverage as mitigations become available.

Latest Rapid Responses

DateNameTypeSeverityQueryUS SaaS LinkEU SaaS Link
12/24/2025Rapid Response: MongoDB Pre-Authentication Memory Leak (CVE-2025-14847)softwareHigh(vendor:=MongoDB AND (product:=MongoDB OR product:="MongoDB MongoDB")) OR (product:="MongoDB%Server") AND (version:>0 AND (version:>=3.6.0 AND version:<3.7) OR (version:>=4.0.0 AND version:<4.1) OR (version:>=4.2.0 AND version:<4.3) OR (version:>=4.4.0 AND version:<4.4.30) OR (version:>=5.0.0 AND version:<5.0.32) OR (version:>=6.0.0 AND version:<6.0.27) OR (version:>=7.0.0 AND version:<7.0.28) OR (version:>=8.0.0 AND version:<8.0.17) OR (version:>=8.2.0 AND version:<8.2.3))LinkLink
12/19/2025Rapid Response: WatchGuard Firebox IKED RCE (CVE-2025-14733)assetsInfoos:="WatchGuard Fireware"LinkLink
12/18/2025Rapid Response: HPE OneView Remote Code Execution (CVE-2025-37164)softwareInfo(vendor:="HP" AND product:="Oneview") OR (vendor:="HPE" AND product:="OneView")LinkLink
12/17/2025Rapid Response: Cisco Secure Email Gateway and Web Manager (CVE-2025-20393)servicesInfo_asset.protocol:=http AND protocol:=http AND last.html.title:"Cisco%Gateway%C" AND NOT last.html.title:"Cloud"LinkLink
12/10/2025Rapid Response: Gogs File Overwrite Vulnerability (CVE-2025-8110)servicesInfo_asset.protocol:=http AND protocol:=http AND favicon.ico.image.md5:=5f5b7539f014b9996959f5dcd063d383LinkLink
12/03/2025Rapid Response: Vercel Next.js React Server Components RCE (CVE-2025-55182)softwareInfo(vendor:=Zeit OR vendor:=Vercel) AND (product:=Next.Js OR product:=Next.js)LinkLink
11/21/2025Rapid Response: Grafana Enterprise Privilege EscalationsoftwareInfovendor:="Grafana Labs" AND (product:="GrafanaEnterprise" OR product:="Grafana Enterprise") AND (version:>0 AND version:>="12.0.0" AND version:<"12.3.0")LinkLink
11/20/2025Rapid Response: Oracle Identity Manager Authentication BypasssoftwareInfovendor:="Oracle" AND product:="Identity Manager"LinkLink
11/18/2025Rapid Response: Fortinet FortiVoice SQL Injection (CVE-2025-58692)assetsHighhw:="Fortinet%" AND type:="SIP Gateway" AND ((osversion:>"7.2.0" AND osversion:<"7.2.3") OR (osversion:>"7.0.0" AND osversion:<"7.0.8"))LinkLink
11/14/2025Rapid Response: Multiple Fortinet Products Authentication Bypass (CVE-2025-59718 and CVE-2025-59719)assetsInfoproduct:"Fortinet FortiWeb" OR (os:="Fortinet FortiOS" AND os_version:>0 AND ((os_version:>="7.6.0" AND os_version:<="7.6.3") OR (os_version:>="7.4.0" AND os_version:<="7.4.8") OR (os_version:>="7.2.0" AND os_version:<="7.2.11") OR (os_version:>="7.0.0" AND os_version:<="7.0.17")))LinkLink
11/14/2025Rapid Response: Fortinet FortiWeb Relative Path Traversal (CVE-2025-64446)assetsInfoproduct:"Fortinet FortiWeb"LinkLink
11/12/2025Rapid Response: Gladinet Triofox Multiple Vulnerabilities (2025-11)servicesInfo_asset.protocol:http AND protocol:http AND favicon.ico.image.md5:="bf2c9797fd72c284d99d116e1e02ea18"LinkLink
11/10/2025Rapid Response: Monsta FTP RCE (CVE-2025-34299)servicesInfo_asset.protocol:http AND protocol:http AND favicon.ico.image.mmh3:="1535999103"LinkLink
11/06/2025Rapid Response: CWP (Control Web Panel) OS Command Injection (CVE-2025-48703)softwareInfovendor:="CentOS WebPanel" product:="CentOS Web Panel"LinkLink
11/03/2025Rapid Response: Veeam Backup & Replication RCE Multiple Vulnerabilities (2025-10)softwareCriticalvendor:=Veeam AND product:="Veeam Backup & Replication" AND (version:>0 AND version:>=12 AND version:<12.3.2.4165)LinkLink
Updated
Previous: Exposure management Next: Query library