📢 CISA KEV UPDATE: Two flaws now under active exploitation! A critical RCE in Langflow AI framework (CVE-2026-33017) and a supply-chain attack via Trivy scanner (CVE-2026-33634). Patch now! ⚠️ #KEV #CyberSecurity #RCE
New KEV alert ⚠️
CVE-2026-33634 (Trivy) now actively exploited.
KEV = real-world risk, not theory.
💬 Patch priority?
🔔 Follow TechNadu
#CyberSecurity #KEV #InfoSec
So are we going to get #ICE goons to help out with #CISA too?
I’m sure they’d be just as great at the #KEV
📢 CISA KEV UPDATE: Actively exploited flaws in Apple visionOS (CVE-2026-28217), Laravel (CVE-2024-4671), & Craft CMS (CVE-2026-25487) added to catalog. Federal agencies must patch by April 12. All orgs urged to patch NOW! ⚠️ #KEV #CISA
The Federal Government’s Patch-or-Perish Ultimatum: Inside CISA’s Latest Emergency Directive on Apple, Craft CMS, and Laravel Vulnerabilities CISA added critical Apple WebKit, Craft CMS, and La...
#CybersecurityUpdate #Apple #WebKit #CVE-2025-24201 #CISA #KEV […]
[Original post on webpronews.com]
gcve-eu-kev updated — a CISA KEV and ENISA CNW/EUVD to GCVE BCP-07 converter.
It now also includes a generic RSS/Atom exporter for any GCVE KEV BCP-07 feed.
@gcve
#cybersecurity #gcve #kev #cve #vulnerability #vulnerabilitymanagement
🔗 https://github.com/gcve-eu/gcve-eu-kev
🔗 […]
~Cisa~
CISA added five actively exploited vulnerabilities to the KEV catalog, affecting Apple, Craft CMS, and Laravel.
-
IOCs: CVE-2025-31277, CVE-2025-32432, CVE-2025-54068
-
#CISA #KEV #ThreatIntel #Vulnerability
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wil...
#Vulnerabilities #CISA #KEV #exploited #SharePoint #vulnerability
Origin | Interest | Match
~Cisa~
CISA added two actively exploited Google vulnerabilities (Skia and Chromium V8) to its KEV catalog, urging immediate patching.
-
IOCs: CVE-2026-3909, CVE-2026-3910
-
#CISA #KEV #ThreatIntel
CISA flips the switch: Ivanti EPM (CVE-2026-1603) is under active exploit. A low-complexity XSS allows total authentication bypass with zero user interaction. If your EPM is internet-facing, the "Master Key" is compromised. Get the Strategic Arsenal now. #CyberSecurity #Ivanti #KEV
CISA added three actively exploited vulnerabilities to its KEV catalog affecting:
• Omnissa Workspace ONE
• SolarWinds Web Help Desk
• Ivanti Endpoint Manager
KEV vulnerabilities remain a top target for attackers.
Follow TechNadu for cybersecurity updates.
#CyberSecurity #Infosec #KEV
~Cisa~
CISA added three actively exploited vulnerabilities (Omnissa, SolarWinds, Ivanti) to the KEV catalog.
-
IOCs: CVE-2021-22054, CVE-2025-26399, CVE-2026-1603
-
#CISA #KEV #ThreatIntel
Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. The post R...
#ICS/OT #Vulnerabilities #CISA #KEV #exploited #ICS #OT […]
[Original post on securityweek.com]
~Cisa~
CISA added five actively exploited vulnerabilities affecting Hikvision, Rockwell, and Apple products to its KEV catalog.
-
IOCs: CVE-2017-7921, CVE-2021-22681, CVE-2023-41974
-
#CISA #KEV #ThreatIntel #Vulnerability
Federal Directive Mandates Urgent Patching of Critical VMware vCenter Flaws Amid Active Exploitation CISA has ordered federal agencies to patch critical VMware vCenter Server vulnerabilities (CVE-2...
#CybersecurityUpdate #EnterpriseSecurity #Broadcom #CISA […]
[Original post on webpronews.com]
~Cisa~
CISA added actively exploited Qualcomm and VMware Aria vulnerabilities to its KEV catalog.
-
IOCs: CVE-2026-21385, CVE-2026-22719
-
#CISA #KEV #ThreatIntel
~Cisa~
CISA adds two actively exploited Cisco SD-WAN vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging immediate remediation.
-
IOCs: CVE-2022-20775, CVE-2026-20127
-
#Cisco #KEV #ThreatIntel
CISA Sounds the Alarm: Two Actively Exploited Vulnerabilities Force Federal Agencies Into Emergency Patching Mode CISA added two actively exploited vulnerabilities—affecting the Linux kernel and ...
#CybersecurityUpdate #actively #exploited #vulnerabilities […]
[Original post on webpronews.com]
~Cisa~
CISA has added two actively exploited RoundCube Webmail vulnerabilities to its KEV catalog, urging immediate patching.
-
IOCs: CVE-2025-49113, CVE-2025-68461
-
#KEV #RoundCube #ThreatIntel
Shipped a new tool: KEV Compare on @cvemate.bsky.social
Compares Known Exploited Vulnerabilities #KEV catalogs across 3 publishers — #CISA, #ENISA, and #CIRCL
→ Pairwise overlap analysis
→ Exclusive coverage gaps
→ Who listed each CVE first
→ Monthly growth trends
cvemate.com/kev #infosec
~Cisa~
CISA adds actively exploited GitLab (CVE-2021-22175) and Dell (CVE-2026-22769) vulnerabilities to its KEV catalog.
-
IOCs: CVE-2021-22175, CVE-2026-22769
-
#CISA #KEV #ThreatIntel
CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5 The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024. The ...
#Vulnerabilities #China #CISA #KEV #exploited #TeamT5
Origin | Interest | Match
~Cisa~
CISA added four actively exploited vulnerabilities affecting Microsoft, Zimbra, TeamT5, and Chromium to its KEV catalog, requiring urgent remediation.
-
IOCs: CVE-2026-2441, CVE-2024-7694, CVE-2020-7796
-
#CISA #KEV #PatchNow #ThreatIntel
CISA remains operational during the DHS shutdown - but at 38% staffing.
KEV stays active.
CIRCIA rulemaking pauses.
Enforcement weakens.
Cyber adversaries don’t observe funding gaps.
Follow TechNadu for cybersecurity policy updates.
#CyberSecurity #CISA #DHS #Infosec #KEV #CriticalInfrastructure
CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025. The po...
#Vulnerabilities #CISA #CISA #KEV #exploited #Notepad++ […]
[Original post on securityweek.com]
~Cisa~
CISA adds four actively exploited vulnerabilities affecting Microsoft, Notepad++, SolarWinds, and Apple to its KEV catalog, requiring remediation.
-
IOCs: CVE-2024-43468, CVE-2025-15556, CVE-2025-40536
-
#CISA #KEV #ThreatIntel #Vulnerability
~Cisa~
CISA added six new actively exploited vulnerabilities to its KEV catalog, urging immediate patching.
-
IOCs: CVE-2026-21510, CVE-2026-21513, CVE-2026-21514
-
#CISA #KEV #ThreatIntel #Vulnerability
New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The...
#Risk #Management #Vulnerabilities #CISA #KEV #KEVology #vulnerability
Origin | Interest | Match
New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The...
#Risk #Management #Vulnerabilities #CISA #KEV #Featured […]
[Original post on securityweek.com]
