CISA KEV Archives • Page 2 of 4 • Daily CyberSecurity

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge cPanel Authentication Bypass CVE-2026-41940

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge

Do Son May 2, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning, adding a critical vulnerability in...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026) Vulnerability Digest AI Infrastructure Security

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Do Son April 27, 2026

Welcome to your Monday morning vulnerability digest. As we close out the final full week of April,...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

In the Wild: Information Disclosure (CVE-2026-20133) Exploited in Cisco SD-WAN Manager

Do Son April 23, 2026

The networking giant Cisco has issued an urgent warning to enterprise administrators. In April 2026, the Cisco...

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest BlueHammer Exploit Microsoft Defender LPE

Microsoft Defender Zero-Day “BlueHammer” Hits KEV Catalog Following Researcher’s Protest

Do Son April 23, 2026

CISA has officially added a fresh vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026) MCP Security Vulnerability Management

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026)

Do Son April 20, 2026

Welcome to this week’s vulnerability digest. Between April 13 and April 19, 2026, the global security community logged...

CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog

Do Son April 17, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after adding a high-severity vulnerability...

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD NIST NVD Overhaul Risk-Based Triage

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD

Do Son April 16, 2026

In a major strategic shift, the National Institute of Standards and Technology (NIST) has announced a fundamental...

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

Active SharePoint Spoofing and Legacy Office RCE: CISA Alerts on New KEV Exploits

Do Son April 15, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, sounding a...

Urgent Patch Alert: SharePoint Spoofing Under Active Attack as Microsoft Releases April 2026 Updates Microsoft Patch Tuesday May 2026 Netlogon RCE CVE-2026-41089 SharePoint Exploit Patch Tuesday Windows DWM Zero-Day CVE-2026-21519 CVE-2024-49039 Microsoft Patch Tuesday March 2025

Microsoft Patch Tuesday May 2026 Netlogon RCE CVE-2026-41089 SharePoint Exploit Patch Tuesday Windows DWM Zero-Day CVE-2026-21519 CVE-2024-49039 Microsoft Patch Tuesday March 2025

Urgent Patch Alert: SharePoint Spoofing Under Active Attack as Microsoft Releases April 2026 Updates

Do Son April 15, 2026

Microsoft’s April 2026 Patch Tuesday has arrived with a massive security payload, addressing a staggering 163 vulnerabilities,...

CISA Adds 7 Fresh Exploits to KEV Catalog CISA KEV Catalog Active Exploitation CVE-2023-33063 - CVE-2023-34192 and CVE-2024-49035

CISA Adds 7 Fresh Exploits to KEV Catalog

Do Son April 14, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding seven...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026) Vulnerability Digest Active Exploitation

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026)

Do Son April 13, 2026

Welcome to this week’s vulnerability digest. As we close out the first full week of April, security...

CISA Warning: Critical Ivanti EPMM Code Injection Vulnerability Under Active Attack Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Warning: Critical Ivanti EPMM Code Injection Vulnerability Under Active Attack

Do Son April 9, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical code injection vulnerability in Ivanti...

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 30 – April 5, 2026) Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 30 – April 5, 2026)

Do Son April 6, 2026

Welcome to this week’s vulnerability digest. Whether you are a CISO charting out your risk management roadmap...

CISA Issues Emergency Mandate as Critical 9.3 NetScaler Flaw “Bleeds” Admin Sessions Citrix NetScaler Vulnerability CVE-2026-3055

CISA Issues Emergency Mandate as Critical 9.3 NetScaler Flaw “Bleeds” Admin Sessions

Do Son March 31, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability impacting Citrix NetScaler ADC...

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 23 – March 29, 2026) Vulnerability Triage CISA KEV List

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 23 – March 29, 2026)

Do Son March 30, 2026

Whether you are steering the organizational ship as a CISO or maintaining the operational engines as a...

CISA Issues Three-Days Patch Mandate for Critical 9.8 F5 BIG-IP RCE State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

CISA Issues Three-Days Patch Mandate for Critical 9.8 F5 BIG-IP RCE

Do Son March 29, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical Remote Code Execution (RCE) vulnerability...

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV

Do Son March 21, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding five...

Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra CISA KEV Catalog SharePoint RCE CISA, Known Exploited Vulnerabilities CVE-2023-33010

CISA KEV Catalog SharePoint RCE CISA, Known Exploited Vulnerabilities CVE-2023-33010

Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra

Do Son March 19, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding...

CISA Flags Actively Exploited Wing FTP Server Flaw Wing FTP Server CVE-2025-47813

CISA Flags Actively Exploited Wing FTP Server Flaw

Do Son March 16, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after adding a new vulnerability...

CISA Mandates Urgent Patch for Maximum 10.0 CVSS n8n RCE Flaw n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Mandates Urgent Patch for Maximum 10.0 CVSS n8n RCE Flaw

Do Son March 12, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a new, high-stakes entry to its Known...