Known Exploited Vulnerabilities (KEV)
Coverage of Known Exploited Vulnerabilities (KEV) in the Nexus archive.
- CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
CISA is rethinking risk prioritization for federal and private sectors under acting director Nick Andersen, introducing a binding operational directive for federal agencies. The directive emphasizes risk-based vulnerability management, focusing on internet-exposed assets and CISA's Known Exploited Vulnerabilities (KEV) list, while acknowledging past concepts like Section 9 designations as ineffective.
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
CISA has added a critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core to its KEV catalog due to active exploitation. The flaw affects all supported versions of Drupal Core and carries a CVSS score of 6.5.
- CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
CISA added two actively exploited vulnerabilities to its KEV catalog, affecting ConnectWise ScreenConnect and Microsoft Windows. The flaws, including a path traversal vulnerability (CVE-2024-1708) with a CVSS score of 8.4, are being exploited in the wild.
- CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws in Cisco Catalyst SD-WAN Manager actively exploited in the wild. The agency set federal deadlines for remediation between April and May 2026, with CVE-2023-27351 highlighted as a high-severity authentication flaw in PaperCut.