Commvault has issued updates to rectify four security vulnerabilities that may be leveraged to accomplish remote code execution on vulnerable instances.
The enumeration of flaws, discovered in Commvault versions prior to 11.36.60, is as follows –

CVE-2025-57788 (CVSS score: 6.9) – A weakness in a recognized login process enables unauthenticated adversaries to perform API calls without needing user credentials.