RCE
CVE-2025-27364: Remote Code Execution in MITRE Caldera via Linker Flag Injection
Executive Summary CVE-2025-27364 is a critical Remote Code Execution (RCE) vulnerability affecting MITRE Caldera, a cyber security platform used for automated adversary emulation. The vulnerability exists in the dynamic agent (implant) compilation functionality of the Caldera server. By crafting a malicious web request to the Caldera server API, an unauthenticated