CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

Summary

CISA has added four newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The flaws affect SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers, and the federal deadline for mitigation falls in May 2026.

IFF Assessment

FOE

The addition of actively exploited vulnerabilities to the KEV catalog indicates that attackers are successfully leveraging these flaws, posing an immediate threat to organizations.

Severity

9.9 Critical

The CVSS score of 9.9 reflects critical severity due to a missing authorization vulnerability, which likely allows widespread unauthorized access to and control over affected systems.

CISA KEV: Listed as actively exploited. Federal patch due: May 08, 2026. Known ransomware use: Unknown.

Defender Context

Organizations must prioritize patching or mitigating vulnerabilities listed in the KEV catalog, especially those with high CVSS scores, to prevent exploitation. The inclusion of SimpleHelp, Samsung, and D-Link products indicates a need to assess the security posture of various hardware and software deployments.
