CISA KEV

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA KEV, exploited, Featured, Splunk, Vulnerabilities, vulnerability /

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure 2026-06-19 at 07:10 By Eduard Kovacs CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek. This article is an excerpt […]

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure Read More »

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

CISA KEV, cPanel, exploited, Joomla, Vulnerabilities, vulnerability /

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks 2026-06-17 at 10:28 By Ionut Arghire The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks Read More »

Ivanti Sentry Exploitation Attempts Hitting Honeypots

CISA KEV, exploited, Ivanti, Vulnerabilities, vulnerability /

Ivanti Sentry Exploitation Attempts Hitting Honeypots 2026-06-12 at 12:44 By Ionut Arghire The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Sentry Exploitation Attempts Hitting Honeypots Read More »

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

BOD, CISA, CISA KEV, Government, Vulnerabilities, vulnerability, vulnerability management /

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk 2026-06-11 at 16:01 By Ionut Arghire The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk appeared first on SecurityWeek. This

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk Read More »

Organizations Warned of Exploited Linux Kernel Vulnerability

CISA KEV, container, exploited, Linux, Vulnerabilities /

Organizations Warned of Exploited Linux Kernel Vulnerability 2026-06-03 at 14:56 By Ionut Arghire An improper authentication bug allows attackers to escalate their privileges and escape containers. The post Organizations Warned of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Linux Kernel Vulnerability Read More »

Oracle WebLogic Vulnerability Exploited in the Wild

CISA KEV, exploited, Oracle, Oracle WebLogic, Vulnerabilities, vulnerability, WebLogic /

Oracle WebLogic Vulnerability Exploited in the Wild 2026-06-02 at 15:46 By Eduard Kovacs The vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers. The post Oracle WebLogic Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Oracle WebLogic Vulnerability Exploited in the Wild Read More »

CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day

CISA KEV, cPanel, exploited, LiteSpeed, plugin, Vulnerabilities, Zero-Day /

CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day 2026-05-27 at 09:56 By Ionut Arghire Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges. The post CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day appeared first on SecurityWeek. This article is an

CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day Read More »

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA KEV, Cisco, exploited, Kentico, Vulnerabilities, Zimbra /

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities 2026-04-21 at 15:29 By Ionut Arghire CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before. The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities Read More »

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

CISA KEV, enrichment, NIST, NVD, Vulnerabilities, vulnerability /

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software 2026-04-16 at 15:03 By Ionut Arghire To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched. The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek. This article is

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software Read More »

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

CISA KEV, exploited, Microsoft, Patch Tuesday, SharePoint, Vulnerabilities, Zero-Day /

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities 2026-04-14 at 22:26 By Eduard Kovacs Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count. The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Read More »

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

acrobat, Adobe, CISA KEV, exploited, Vulnerabilities, Windows /

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities 2026-04-14 at 12:00 By Ionut Arghire The security defects allow attackers to escalate privileges and execute arbitrary code remotely. The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities Read More »

Russian APT Exploits Zimbra Vulnerability Against Ukraine

CISA KEV, exploited, Malware & Threats, phishing, Vulnerabilities, vulnerability, Zimbra /

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA KEV, exploited, SharePoint, Vulnerabilities, vulnerability /

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA KEV, exploited, Vulnerabilities, vulnerability, Wing FTP server /

CISA Flags Year-Old Wing FTP Vulnerability as Exploited 2026-03-17 at 13:35 By Ionut Arghire Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Read More »

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA KEV, exploited, Featured, Vulnerabilities, vulnerability /

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks 2026-03-10 at 15:06 By Ionut Arghire CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks Read More »

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

CISA KEV, exploited, ICS, ICS/OT, OT, Rockwell Automation, Vulnerabilities /

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks 2026-03-06 at 15:38 By Eduard Kovacs The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. The post Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks Read More »

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

CISA KEV, Coruna, exploited, iOS, Vulnerabilities, vulnerability /

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

China APT, CISA KEV, exploited, Featured, Nation-State, supply chain attack, Taiwan, TeamT5, Vulnerabilities /

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

CISA KEV, KEVology, Risk Management, Vulnerabilities, vulnerability /

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog 2026-02-09 at 11:10 By Kevin Townsend The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog Read More »

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

CISA KEV, exploited, SmarterMail, SmarterTools, Vulnerabilities, vulnerability /

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks 2026-02-06 at 09:54 By Ionut Arghire The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests. The post Critical SmarterMail Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks Read More »

Scroll to Top