Skip to content
The Nexus
DossierENTITY

Known Exploited Vulnerabilities (KEV) catalog

Coverage of Known Exploited Vulnerabilities (KEV) catalog in the Nexus archive.

Earliest in view: May 3 · 06:26 UTCMost recent: Jun 17 · 05:50 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 17 · 05:50 UTCTHE HACKER NEWS
    CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

    CISA added a maximum-severity vulnerability in Joomla JCE to its KEV catalog, citing active exploitation. The flaw, CVE-2026-48907 with a CVSS score of 10.0, involves improper access control allowing arbitrary PHP code execution.

  • SECURITYJun 10 · 16:07 UTCCYBERSCOOP
    CISA directive orders agencies to prioritize vulnerability patching in a new way

    CISA ordered federal agencies to prioritize vulnerability patching based on four criteria, including public exposure and automation potential. Agencies must adhere to timelines for remediation, with urgent fixes required for vulnerabilities meeting all four criteria. The directive aims to address AI-driven increases in vulnerability discovery and exploitation.

  • SECURITYJun 4 · 07:19 UTCTHE HACKER NEWS
    CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

    CISA added a critical remote code execution (RCE) vulnerability in Mirasvit Cache Warmer, a Magento extension, to its KEV catalog due to active exploitation. The flaw, CVE-2026-45247 with a CVSS score of 9.8, involves deserialization of untrusted data.

  • SECURITYMay 3 · 06:26 UTCTHE HACKER NEWS
    CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

    CISA added a critical Linux privilege escalation vulnerability (CVE-2026-31431) to its KEV catalog due to active exploitation. The flaw, with a CVSS score of 7.8, allows local attackers to gain root access on affected Linux distributions.

Known Exploited Vulnerabilities (KEV) catalog · Dossier · The Nexus