Skip to main content

Tag: kev catalog

6 articles

Technician applies security patch to computer system, symbolizing vulnerability fix.

CISA Orders Emergency Patch for Exploited Fortinet Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch or mitigate two critical Fortinet vulnerabilities within a tight three-day window, underscoring the severity of these flaws. This urgent action follows the discovery of a critical OS command injection vulnerability in FortiSandbox, allowing attackers to execute unauthorized code or commands.

Analyst 207
Brightly-lit industrial control system in a neutral server room setting.

CISA Warns of Active Exploitation of Adobe, Joomla, and Langflow Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on four high-severity vulnerabilities in Adobe, Joomla, and Langflow that are being actively exploited by hackers. Federal agencies have until July 10, 2026, to patch these flaws and avoid potential breaches.

Analyst 207
Blurred laptop screen showing Joomla Content Editor interface in a tech office setting.

CISA Warns of Actively Exploited Joomla Flaw Enabling PHP Code Execution

A critical Joomla flaw, tracked as CVE-2026-48907, is being actively exploited, allowing attackers to upload and execute PHP code - and the US Cybersecurity and Infrastructure Security Agency (CISA) is warning users to take immediate action. A patch is available in version 2.9.99.5 of the Widget Factory Joomla Content Editor.

Analyst 207
Technicians work in a brightly lit network operations room with a central router or switch surrounded by equipment and…

CISA Flags Cisco, Chrome, Arista Flaws as Actively Exploited

Stay safe online: CISA has flagged serious vulnerabilities in Cisco, Chrome, and Arista that are being actively exploited by hackers, so take action now to protect your systems. These flaws could let attackers gain unauthorized access, making it crucial to update your software ASAP.

Analyst 207
Cracked metal lock with eerie glow, code on smartphone and laptop screens in foreground.

CISA Catalog Adds 8 Exploited Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) just beefed up its catalog of actively exploited software flaws by adding eight new entries, including three Cisco vulnerabilities and a high-severity PaperCut flaw. Federal agencies now have until April and May 2026 to mitigate these risks.

Analyst 207
Abandoned industrial control room with outdated computer server glowing eerie blue.

CISA Warns of Active Exploits in Apache ActiveMQ Vulnerability

A 13-year-old vulnerability in Apache ActiveMQ has suddenly become a pressing concern, prompting the Cybersecurity and Infrastructure Security Agency (CISA) to issue an urgent directive for federal agencies to patch the flaw within two weeks. Attackers are already exploiting this long-dormant vulnerability, making swift action a critical priority.

Analyst 207