CISA Adds Four Actively Exploited Flaws to KEV Catalog
🔔 CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog after observing active exploitation. The additions include CVE-2026-2441 (Chrome use-after-free), CVE-2020-7796 (Synacor Zimbra SSRF), CVE-2024-7694 (TeamT5 ThreatSonar arbitrary file upload), and CVE-2008-0015 (Windows Video ActiveX overflow). Federal agencies are urged to remediate by March 10, 2026.
