CISA Confirms Active Exploitation of Four Enterprise Bugs
⚠️ The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four vulnerabilities affecting enterprise software to its KEV catalog after observing active exploitation. Affected projects include Versa Concerto, Zimbra Collaboration Suite, the Vite frontend toolchain, and the eslint-config-prettier package used with Prettier. CISA requires federal agencies to apply vendor patches or mitigations, or stop using impacted products by February 12, 2026. Details on the nature and scope of in-the-wild exploitation remain limited.
