CISA Adds Two Known Exploited Vulnerabilities to Catalog
Summary
CISA added CVE-2021-22175 (GitLab SSRF) and CVE-2026-22769 (Dell RP4VMs hardcoded credentials) to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are known to be actively exploited and pose a significant risk, particularly to federal entities.
IFF Assessment
FOE
The addition of actively exploited vulnerabilities to the KEV catalog indicates ongoing threats and increased risk for organizations.
Severity
9.8 Critical (AI Estimated)
Defender Context
This CISA alert highlights the importance of timely patching and vulnerability management. Defenders who run GitLab or Dell RP4VMs should prioritize patching these specific vulnerabilities. Keeping systems up to date and monitoring for exploitation attempts are crucial to mitigating risk.