Cisa Adds 12 New Flaws To Known Exploited Vulnerabilities Catalog For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—cisa maintains the authoritative source of vulnerabilities that have been exploited in the wild. Cisa exploited vulnerabilities catalog expands with six new flaws in fortinet, microsoft, and adobe software currently under active attack.
Cisa Known Exploited Vulnerabilities What To Know Vmiss Net Cisa’s latest move is a reminder that the known exploited vulnerabilities (kev) catalog remains one of the most operationally important signals in federal cybersecurity. on april 20, 2026, the agency added eight more cves tied to active exploitation, spanning print management, endpoint. Cisa expands kev catalog with eight new entries the us cybersecurity and infrastructure security agency (cisa) expanded its known exploited vulnerabilities (kev) catalog on monday, adding eight newly confirmed flaws — three of which had not previously been identified as actively exploited. the additions span products from cisco, kentico, zimbra, quest, jetbrains, and papercut, and federal. On april 21, 2026, the u.s. cybersecurity and infrastructure security agency (cisa) urgently added eight dangerous security vulnerabilities to its public catalog, citing clear evidence of active in the wild exploitation. three of the critical flaws specifically target cisco catalyst sd wan manager, a crucial networking component for many organizations. Cisa on monday added six security flaws to its known exploited vulnerabilities catalog after finding evidence of active exploitation, including issues in fortinet, adobe and microsoft products. the list covers bugs with cvss scores ranging from 7.8 to 9.1, and federal civilian agencies must apply fixes by april 27, 2026, with one forticlient ems patch due by april 16, 2026.
Cisa Adds 3 New Flaws To Known Exploited Vulnerabilities Catalog On april 21, 2026, the u.s. cybersecurity and infrastructure security agency (cisa) urgently added eight dangerous security vulnerabilities to its public catalog, citing clear evidence of active in the wild exploitation. three of the critical flaws specifically target cisco catalyst sd wan manager, a crucial networking component for many organizations. Cisa on monday added six security flaws to its known exploited vulnerabilities catalog after finding evidence of active exploitation, including issues in fortinet, adobe and microsoft products. the list covers bugs with cvss scores ranging from 7.8 to 9.1, and federal civilian agencies must apply fixes by april 27, 2026, with one forticlient ems patch due by april 16, 2026. Cisa expanded its known exploited vulnerabilities (kev) catalog on april 20, 2026, adding eight security flaws spanning enterprise print management, ci cd platforms, cms infrastructure, appliance management, email collaboration, and sd wan orchestration. all eight carry evidence of active exploitation in the wild. The united states cybersecurity and infrastructure security agency (cisa) has significantly expanded its known exploited vulnerabilities (kev) catalog to 1,484 vulnerabilities as of december 2025, marking a critical milestone in the federal government’s efforts to combat actively exploited security flaws. The cybersecurity and infrastructure security agency (cisa) have expanded its known exploited vulnerabilities, commonly referred to as the kev catalog, with eight newly identified security flaws that are currently being exploited in real world attacks. the update was announced on april 21, 2026. Cisa has added 47 new vulnerabilities to its known exploited vulnerabilities (kev) catalog in 2025, including flaws in sharepoint, google chromium, and cisco devices. the updates stress the urgency of prioritizing kev based patching, as attackers continue exploiting both new and legacy weaknesses.
Comments are closed.