CVE•Published 2025-10-14•1 article on news•7 live references•NVD data

CVE-2025-58726

Vulnerability data via CVEDB (Shodan)

CVSS v3.1

7.5

HIGH

EPSS percentile

Exploit Prediction Scoring System · top 42% of all CVEs

Description

Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

Timeline

Published 2025-10-14

External references

NVD MITRE Exploit-DB GitHub PoC Sploitus trickest/cve VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2025-58726

Hosts Shodan has explicitly fingerprinted as vulnerable.

Shodan · OS

os:"Windows 10 1507"

Hosts Shodan identified as running Windows 10 1507.

More intel sources (5)

Shodan report

vuln:CVE-2025-58726

Country / ASN / product breakdown for the vuln query.

Censys

vulnerabilities.cve_id: CVE-2025-58726

Censys host search filtered to this CVE id.

grep.app

CVE-2025-58726

Public source-code mentions — fast PoC discovery.

GitHub code

CVE-2025-58726

GitHub code search for direct mentions.

Google dork

"CVE-2025-58726" exploit -site:nvd.nist.gov

Write-ups and news, NVD excluded.

Known PoCs on GitHub (2)

CVE-2025-587262 repos

DarkFunct/TK-CVE-RepoPython

TK-CVE-Repo

★ 51·updated 3w ago

jonaslejon/ad-autopwnPython

AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/W…

★ 4·updated 1mo ago