CISA Adds Four Known Exploited Vulnerabilities to Catalog
Summary
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, indicating they are actively being exploited by malicious actors. These vulnerabilities include a path traversal flaw in Samsung MagicINFO, missing authorization and path traversal issues in SimpleHelp, and a command injection vulnerability in D-Link DIR-823X devices. Federal agencies are mandated to remediate these, and CISA strongly advises all organizations to prioritize patching them.
IFF Assessment
Adding new, actively exploited vulnerabilities to CISA's KEV catalog directly increases the threat that defenders face.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: May 08, 2026. Known ransomware use: Unknown.
Defender Context
Defenders must prioritize patching these vulnerabilities because they are known to be actively exploited and pose a significant risk. Organizations should ensure their vulnerability management programs are robust and actively monitor CISA's KEV catalog for emerging threats that require immediate attention.