CISA Adds Four Known Exploited Vulnerabilities to Catalog

Summary

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. These vulnerabilities, affecting Lantronix EDS5000 and Ubiquiti UniFi OS, pose significant risks and are frequent attack vectors for malicious actors. The addition reinforces CISA's Binding Operational Directive (BOD) 26-04, which requires federal agencies to prioritize remediation of these high-risk vulnerabilities.

IFF Assessment

FOE

The addition of new, actively exploited vulnerabilities to CISA's KEV catalog indicates a growing threat landscape, which is bad news for defenders.

Severity

10.0 Critical

CISA KEV: Listed as actively exploited. Federal patch due: June 26, 2026. Known ransomware use: Unknown.

Defender Context

Defenders should prioritize patching or mitigating the four vulnerabilities newly added to CISA's KEV catalog, as CISA has confirmed active exploitation. Organizations, especially federal agencies, must adhere to BOD 26-04 by implementing risk-based vulnerability management and focusing on publicly exposed assets. Staying informed about CISA's KEV additions is crucial for proactive threat mitigation.
