The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included a critical severity security vulnerability affecting Commvault Command Center in its Known Exploited Vulnerabilities (KEV) list, shortly after it was made public.

This specific vulnerability is identified as CVE-2025-34028 (CVSS score: 10.0), a path traversal issue that impacts the 11.38 Innovation Release, spanning from versions