The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerabilities added are as follows –

CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient EMS SQL Injection Vulnerability
CVE-2021-44529 (CVSS score: 9.8) – Ivanti