CISA KEV Archives

Artificial Intelligence

Critical Vulnerability in AI Builder Langflow Under Attack

CISA warns organizations that threat actors are exploiting a critical-severity vulnerability in low-code AI builder Langflow.

Ionut ArghireMay 6, 2025

Vulnerabilities

PoC Published for Exploited SonicWall Vulnerabilities

PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog.

Ionut ArghireMay 5, 2025

Vulnerabilities

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities

CISA urges immediate patching for recently disclosed Broadcom, Commvault, and Qualitia vulnerabilities exploited in the wild.

Ionut ArghireApril 29, 2025

Vulnerabilities

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days

CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.

Ionut ArghireApril 9, 2025

Vulnerabilities

CISA Warns of Exploited Nakivo Vulnerability

CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list.

Ionut ArghireMarch 20, 2025

Vulnerabilities

CISA Warns of Ivanti EPM Vulnerability Exploitation

CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog.

Ionut ArghireMarch 11, 2025

Vulnerabilities

Exploitation Long Known for Most of CISA’s Latest KEV Additions

Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog.

Eduard KovacsMarch 4, 2025

Vulnerabilities

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability

CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog.

Eduard KovacsFebruary 25, 2025

Vulnerabilities

CISA Warns of Attacks Exploiting Craft CMS Vulnerability

CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog.

Eduard KovacsFebruary 21, 2025

Palo Alto Networks vulnerability exploited

Vulnerabilities

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks.

Eduard KovacsFebruary 21, 2025

Vulnerabilities

CISA Issues Exploitation Warning for .NET Vulnerability

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.

Eduard KovacsFebruary 5, 2025

Vulnerabilities

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT

CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.

Eduard KovacsJanuary 24, 2025

SECURITYWEEK NETWORK:

ICS:

All posts tagged "CISA KEV"

Artificial Intelligence

Critical Vulnerability in AI Builder Langflow Under Attack

Vulnerabilities

PoC Published for Exploited SonicWall Vulnerabilities

Vulnerabilities

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities

Vulnerabilities

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days

Vulnerabilities

CISA Warns of Exploited Nakivo Vulnerability

Vulnerabilities

CISA Warns of Ivanti EPM Vulnerability Exploitation

Vulnerabilities

Exploitation Long Known for Most of CISA’s Latest KEV Additions

Vulnerabilities

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability

Vulnerabilities

CISA Warns of Attacks Exploiting Craft CMS Vulnerability

Vulnerabilities

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

Vulnerabilities

CISA Issues Exploitation Warning for .NET Vulnerability

Vulnerabilities

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT

Featured

Vulnerabilities

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025

Incident Response

From 60 to 4,000: NATO’s Locked Shields Reflects Cyber Defense Growth

ICS/OT

Production at Steelmaker Nucor Disrupted by Cyberattack

Nation-State

Chinese Hackers Hit Drone Sector in Supply Chain Attacks

Malware & Threats

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Vulnerabilities

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

Malware & Threats

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

Latest News

Cloud Security

NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch

Vulnerabilities

Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers

Threat Intelligence

Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit

Cybersecurity Funding

TrustCloud Raises $15 Million for Security Assurance Platform

Cybersecurity Funding

CloudSEK Raises $19 Million for Threat Intelligence Platform

Mobile & Wireless

O2 Service Vulnerability Exposed User Location

Government

Madhu Gottumukkala Officially Announced as CISA Deputy Director

Daily Briefing Newsletter