CVE-2025-58726 — Vulnetix

CVE-2025-58726 PUBLISHED

EPSS 0.08% · 24.3th percentile

Risk Scores

EPSS Score

0.08%

24.3th percentile

Exploit Intelligence

AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc)

…and 9 more exploits

Timeline

Oct 14, 2025 CVE Published
Oct 15, 2025 EPSS Score
Oct 21, 2025 EPSS Score
Oct 27, 2025 EPSS Score
Nov 2, 2025 EPSS Score
Nov 8, 2025 EPSS Score
Nov 15, 2025 EPSS Score
Nov 21, 2025 EPSS Score
Nov 27, 2025 EPSS Score
Dec 3, 2025 EPSS Score
Dec 9, 2025 EPSS Score
Dec 15, 2025 EPSS Score

References

https://cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0879/ advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59205 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55682 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58727 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59204 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59275 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50175 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55697 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58737 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55326 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53139 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59502 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55328 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59261 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59214 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58718 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58738 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55687 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59255 advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48004 advisory

…and 116 more

Open in Interactive Console →