Rapid responses

runZero’s Rapid Response program provides immediate detection and notification of emerging threats. Each Rapid Response includes a query to find matching assets, a trigger to analyze all inventories for exposure, and a corresponding blog post with the details of the issue. This program focuses on helping customers mitigate exposures before compromise.

Vulnerabilities covered by the Rapid Response program are replaced by more specific coverage as mitigations become available.

Latest Rapid Responses

DateNameTypeSeverityQueryUS SaaS LinkEU SaaS Link
10/21/2025Rapid Response: Squid Information Disclosure (CVE-2025-62168)softwareCriticalvendor:="Squid Cache" AND product:=Squid AND (version:>0 AND version:<7.2)LinkLink
10/15/2025Rapid Response: F5 CISA Emergency Directive (ED 26-01)assetsInfoos:="F5%"LinkLink
10/15/2025Rapid Response: Fortinet FortiPAM (CVE-2025-49201)assetsInfoos:="Fortinet FortiPAM%"LinkLink
10/15/2025Rapid Response: Fortinet FortiSwitch Manager (CVE-2025-49201)softwareInfovendor:=Fortinet product:="FortiSwitchManager"LinkLink
10/10/2025Rapid Response: Ivanti Endpoint Manager Multiple Vulnerabilities (October 2025)softwareInfovendor:=Ivanti product:="Endpoint Manager"LinkLink
10/08/2025Rapid Response: Oracle E-Business Suite RCE (CVE-2025-61882)softwareInfovendor:=Oracle product:="E-Business Suite"LinkLink
10/06/2025Rapid Response: Redis Multiple Vulnerabilities (October 2025)softwareCriticalvendor:=Redis AND product:=Redis AND (version:>0 AND ( (version:>=6.2 AND version:<6.2.20) OR (version:>=7.2 AND version:<7.2.11) OR (version:>=7.4 AND version:<7.4.6) OR (version:>=8.0 AND version:<8.0.4) OR (version:>=8.2 AND version:<8.2.2)))LinkLink
10/06/2025Rapid Response: Valkey Multiple Vulnerabilities (October 2025)softwareCritical(vendor:=valkey OR vendor:="Fedora Project") AND product:=valkey AND (version:>0 AND ( (version:>=7.2 AND version:<7.2.11) OR (version:>=8.0 AND version:<8.0.6) OR (version:>=8.1 AND version:<8.1.4)))LinkLink
10/04/2025Rapid Response: Smartbedded Meteobridge Command Injection (CVE-2025-4008)servicesInfo_asset.protocol:http AND protocol:http AND http.head.wwwAuthenticate:="Basic realm=%MeteoBridge%"LinkLink
Updated