CISA has added GeoServer CVE-2024-36401 to its Known Exploited Vulnerability Catalog https://cisa.gov/news-events/alerts/2024/07/15/cisa-adds-one-known-exploited-vulnerability-catalog

We first observed CVE-2024-36401 "POST /geoserver/wfs" exploitation July 9th in our sensors. Check for signs of compromise & patch

https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv