CISA Adds Two Known Exploited Vulnerabilities to Catalog
Summary
CISA has added two new vulnerabilities, CVE-2026-42271 and CVE-2026-50751, to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities, identified as a Command Injection Vulnerability in BerriAI LiteLLM and an Improper Authentication Vulnerability in Check Point Security Gateway, are being actively exploited and pose significant risks. Federal agencies are required to remediate these, and CISA urges all organizations to prioritize their patching.
IFF Assessment
The addition of newly exploited vulnerabilities to CISA's KEV catalog indicates active threats that defenders need to address, representing a challenge rather than a helpful development.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: June 11, 2026. Known ransomware use: Unknown.
Defender Context
The inclusion of these CVEs in the KEV catalog signals that they are actively being exploited in the wild, making them high-priority targets for remediation. Defenders should monitor for these vulnerabilities in their environments and ensure timely patching to mitigate the risk of compromise.