triofox

Triofox is a file-sharing and remote-access platform that, together with Gladinet CentreStack, has been affected by an actively exploited vulnerability tracked as CVE-2025-11371. This unauthenticated local file inclusion flaw was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog after threat actors weaponized it in real-world attacks. System owners and defenders using Triofox should prioritize patching and remediation, as federal agencies face accelerated deadlines under Binding Operational Directive 22-01. The tag covers security advisories and vulnerability disclosures related to Triofox, particularly those involving active exploitation and CISA KEV entries.