Government ❯ Cybersecurity ❯ CISA

Vulnerability Management

Federal Agencies Known Exploited Vulnerabilities Federal Directives Public Safety CVE-2025-58360 Known Exploited Vulnerabilities Catalog Incident Response

Apple, Google Rush Patches as CISA Flags WebKit Zero‑Day Exploits

CISA added Apple’s WebKit flaw to its Known Exploited list, setting a January 5 federal remediation deadline.

React2Shell Attacks Intensify as React Issues Second Round of Emergency Patches

CISA Adds Actively Exploited GeoServer XXE to KEV, Orders Federal Patching

CISA Adds Gladinet and CWP Flaws to KEV, Setting Nov. 25 Federal Remediation Deadline

CISA Adds VMware Aria Operations/Tools Flaw to KEV, Sets Nov. 20 Patch Deadline for Feds

CISA Adds Motex Lanscope RCE Flaw to KEV, Citing Active Exploitation

CISA Adds Actively Exploited Adobe AEM Forms Flaw to KEV Catalog

CISA Adds Actively Exploited DELMIA Apriso Flaw to KEV With Oct. 2 Fix Deadline

CISA Adds Actively Exploited TP-Link and WhatsApp Flaws to KEV, Sets September Deadlines

CISA Adds Three D-Link Router Flaws to Known Exploited Vulnerabilities Catalog