Marimo RCE Exploited 10 Hours After Disclosure—CISA Adds to KEV
CVE-2026-39987 in Marimo Python notebooks allows unauthenticated RCE via terminal WebSocket. Attackers weaponized it within hours. Patch to 0.23.0 now.
18 articles tagged with "Cisa Kev"
CVE-2026-3055 now actively exploited. CISA adds the CVSS 9.3 memory leak to KEV catalog, giving federal agencies until April 2 to patch SAML IdP configurations.
CISA added CVE-2025-53521 to its KEV catalog after F5 reclassified the BIG-IP APM vulnerability from DoS to remote code execution. CVSS 9.8—federal deadline is March 30.
Five vulnerabilities under active exploitation added to CISA's KEV catalog. Federal agencies must patch by April 3, 2026. Includes three Apple kernel flaws and Laravel RCE.
CISA confirms active exploitation of VMware Aria Operations CVE-2026-22719, a command injection flaw enabling unauthenticated RCE. Patch by March 24.
CISA added Microsoft SharePoint CVE-2026-20963 to the KEV catalog after confirming active exploitation. Federal agencies must patch by March 21.
CISA renews warnings about CVE-2025-47812, a CVSS 10.0 vulnerability in Wing FTP Server that grants attackers root/SYSTEM access. Over 8,000 servers remain exposed.
Google patches two actively exploited Chrome zero-days affecting Skia graphics and V8 JavaScript engine. CISA adds both to KEV catalog with March 27 deadline.
CVE-2025-68613 allows authenticated attackers to execute arbitrary code on n8n workflow servers. CISA gives federal agencies until March 25 to patch.
CVE-2026-1603 allows unauthenticated attackers to steal credential vaults from Ivanti Endpoint Manager. CISA added it to KEV catalog after exploitation detected.
Federal agencies must patch CVE-2017-7921 and CVE-2021-22681 by March 26. Hikvision cameras face active exploitation; Rockwell PLCs at risk.
CISA flags FileZen command injection flaw (CVE-2026-25108, CVSS 8.7) as actively exploited. Federal agencies must patch by March 17, 2026.
CVE-2025-22225 sandbox escape now confirmed as a ransomware attack vector. Exploitation toolkit predates Broadcom's patch by a full year.
CVE-2026-24423 lets unauthenticated attackers execute OS commands on SmarterMail servers. CISA confirms active ransomware exploitation and sets a February 26 patch deadline.
CVE-2025-8110 allows authenticated attackers to achieve RCE on self-hosted Git servers via path traversal. Over 700 instances already compromised.
CVE-2026-23760 enables unauthenticated admin takeover in SmarterMail. Exploitation began two days after patch release.
From Fortinet to SonicWall, authentication bypass vulnerabilities share common traits. Understanding these patterns helps security teams prioritize patching.
Federal agencies have until January 19 to patch CVE-2025-14847. Security researchers release open-source detection tool as attackers harvest credentials from exposed servers.