CISA Adds Three Known Exploited Vulnerabilities to Catalog

Summary

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. They affect Arista Extensible Operating System, Google Chromium, and Cisco Catalyst SD-WAN Manager. The directive requires federal agencies to remediate these vulnerabilities, and CISA urges all organizations to prioritize them.

IFF Assessment

FOE

Adding a vulnerability to CISA's KEV catalog means it is a known threat that malicious actors are already leveraging, which poses a direct risk to defenders.

Severity

8.8 High

CISA KEV: Listed as actively exploited. Federal patch due: June 23, 2026. Known ransomware use: Unknown.

Defender Context

These specific CVEs are being actively exploited, so defenders should treat them as prime targets for immediate patching and mitigation. Prioritizing vulnerabilities on the KEV list is a critical component of effective vulnerability management, because it reduces the attack surface exposed to known threats.
