Tag: cisa kev
8 articles
CISA Adds Two Roundcube Flaws to KEV: Exclusive Critical
CISA has added two Roundcube vulnerabilities to its KEV list — including a critical 9.9-rated RCE (CVE-2025-49113) — meaning active exploitation is underway. If you run Roundcube, patch now to protect email stores, contacts, and stop attackers from hijacking accounts.
React2Shell Exclusive: Severe Flaw Added to CISA KEV
CISA just added CVE-2025-55182 — a 10.0 remote-code-execution flaw in React Server Components — to its Known Exploited Vulnerabilities list after reports of active attacks. If your stack uses React Server Components, treat this as an emergency: prioritize patches, mitigations, and threat hunting now.
CISA Exclusive: Critical XSS in OpenPLC ScadaBR
CISA has added an actively exploited XSS (CVE‑2021‑26829) in OpenPLC ScadaBR to its KEV catalog — a stark reminder that even “moderate” web bugs can let attackers hijack operator sessions and issue commands to PLCs. If you run OpenPLC/ScadaBR, prioritize assessment and mitigation now.
CISA Warns: Must-Fix Critical Oracle OIM Flaw
CISA added a critical Oracle Identity Manager flaw to its Known Exploited Vulnerabilities list, meaning attackers are already targeting it. If you handle identity systems, prioritize patching or mitigations now—an unpatched OIM bug can hand intruders the keys to your environment.
CISA Exclusive: Stunning WatchGuard Flaw Threatens 54,000
Heads up: a critical unauthenticated bug (CVE‑2025‑9242) in WatchGuard Fireware VPN appliances can let attackers execute code and seize VPN gateways, putting roughly 54,000 devices at risk. CISA has added it to its KEV list — apply WatchGuard’s patches and lock down management interfaces immediately.
CISA Adds Gladinet, CWP to KEV: Exclusive Critical Alert
CISA has quietly added Gladinet and Control Web Panel to its Known Exploited Vulnerabilities list after evidence of active attacks. These flaws — including CVE-2025-11371 (CVSS 7.5) — are no longer theoretical and should be prioritized for immediate patching and mitigation.
CISA Exclusive: Critical VMware Zero-Day in Active Attacks
When a tool meant to simplify management becomes an intruder’s doorway, you need to act fast. CISA has added CVE-2025-41244 to its Known Exploited Vulnerabilities list after active attacks on VMware Tools and Aria Operations — patch or mitigate immediately.
Lanscope Endpoint Manager Exclusive: Critical Bug Exploited
A critical, actively exploited flaw in Motex Lanscope Endpoint Manager (CVE-2025-61932) — now on CISA’s KEV list — can turn your endpoint manager into an attacker’s shortcut. If you run on‑prem Lanscope Client, act now: patch immediately, isolate affected hosts, and hunt for suspicious activity.