CISA Flags Critical HPE OneView Vulnerability as Actively Exploited

CISA Flags Critical HPE OneView Vulnerability as Actively Exploited

First seen 8 Jan 2026, 09:52 UTC ThehackernewsBleepingcomputerSecurityaffairs.CoTechzine.EuFeeds.Feedburner+13 68% similarity 54.4

Article Content

Browse articles
ThreatCluster

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in HPE OneView, tracked as CVE-2025-37164, as being actively exploited in attacks. This flaw affects HPE's infrastructure management software, which is used by IT administrators for managing storage, servers, and networking devices. The vulnerability was reported by Vietnamese security researcher Nguyen Quoc Khanh, leading to the release of security patches by HPE in mid-December 2025.

ThreatCluster AI

Community

Browse all →