Government ❯ Cybersecurity ❯ CISA

Vulnerability Management

Known Exploited Vulnerabilities Federal Agencies Federal Directives Public Safety CVE-2025-58360 Known Exploited Vulnerabilities Catalog KEV Catalog Incident Response Binding Operational Directive 22-01 Federal Agency Compliance

3 ARTICLES

5d ago

CISA Says SolarWinds Serv-U Flaw Is Being Exploited to Crash Servers

The agency ordered federal civilian agencies to remediate the unauthenticated denial-of-service bug by June 19, raising urgency for rapid patching and mitigations.

3 ARTICLES

last wk.

CISA Flags SharePoint, Zimbra Flaws as Actively Exploited, Sets Rapid Federal Patching Deadlines

7 ARTICLES

3mo ago

CISA Puts Actively Exploited n8n RCE on KEV, Orders Federal Patching by March 25

5 ARTICLES

4mo ago

CISA Flags SmarterMail RCE as Ransomware Target, Sets Feb. 26 Patch Deadline

8 ARTICLES

4mo ago

CISA Forces Three-Day Patch for Actively Exploited SolarWinds Web Help Desk Flaw

7 ARTICLES

4mo ago

Ivanti EPMM Zero-Day RCE Flaws Exploited as CISA Orders Rapid Mitigation

6 ARTICLES

5mo ago

CISA Adds HPE OneView, Microsoft Office Flaws to Exploited Vulnerabilities List

10 ARTICLES

5mo ago

Apple, Google Rush Patches as CISA Flags WebKit Zero‑Day Exploits

11 ARTICLES

6mo ago

React2Shell Attacks Intensify as React Issues Second Round of Emergency Patches

3 ARTICLES

6mo ago

CISA Adds Actively Exploited GeoServer XXE to KEV, Orders Federal Patching

4 ARTICLES

7mo ago

CISA Adds Gladinet and CWP Flaws to KEV, Setting Nov. 25 Federal Remediation Deadline

3 ARTICLES

7mo ago

CISA Adds VMware Aria Operations/Tools Flaw to KEV, Sets Nov. 20 Patch Deadline for Feds

4 ARTICLES

7mo ago

CISA Adds Motex Lanscope RCE Flaw to KEV, Citing Active Exploitation

Vulnerability Management

CISA Says SolarWinds Serv-U Flaw Is Being Exploited to Crash Servers

CISA Adds Exploited Mirasvit Magento Flaw to KEV After Active RCE Attacks

CISA Flags Two-Year-Old Oracle WebLogic Flaw as Actively Exploited

Active Exploits Hit Drupal SQL Injection Flaw CVE-2026-9082

CISA Orders Rapid Patching of Cisco SD‑WAN Admin‑Bypass Flaw CVE‑2026‑20182

CISA Adds ActiveMQ RCE to KEV With April 30 Patch Deadline

Google Rushes Chrome 146 Update to Fix WebGPU Zero-Day Exploited in the Wild

CISA Adds Actively Exploited Langflow RCE to KEV, Sets April 8 Deadline

CISA Flags SharePoint, Zimbra Flaws as Actively Exploited, Sets Rapid Federal Patching Deadlines

CISA Puts Actively Exploited n8n RCE on KEV, Orders Federal Patching by March 25

Never miss stories about

Vulnerability Management

CISA Flags SmarterMail RCE as Ransomware Target, Sets Feb. 26 Patch Deadline

CISA Forces Three-Day Patch for Actively Exploited SolarWinds Web Help Desk Flaw

Ivanti EPMM Zero-Day RCE Flaws Exploited as CISA Orders Rapid Mitigation

CISA Adds HPE OneView, Microsoft Office Flaws to Exploited Vulnerabilities List

Apple, Google Rush Patches as CISA Flags WebKit Zero‑Day Exploits

React2Shell Attacks Intensify as React Issues Second Round of Emergency Patches

CISA Adds Actively Exploited GeoServer XXE to KEV, Orders Federal Patching

CISA Adds Gladinet and CWP Flaws to KEV, Setting Nov. 25 Federal Remediation Deadline

CISA Adds VMware Aria Operations/Tools Flaw to KEV, Sets Nov. 20 Patch Deadline for Feds

CISA Adds Motex Lanscope RCE Flaw to KEV, Citing Active Exploitation

Never miss stories about

Vulnerability Management