CISA Adds Two Vulnerabilities to KEV Catalog
🔔 CISA added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming active exploitation. The agency emphasizes these flaws are common attack vectors that present substantial risk to the federal enterprise. BOD 26-04 requires Federal Civilian Executive Branch agencies to prioritize rapid remediation of high-risk CVEs in the KEV catalog and to assess potential compromise before patching. CISA urges all organizations to adopt risk-based vulnerability management and to submit suspected exploited flaws via the KEV Nomination Form.
