CISA added four actively exploited flaws to its Known Exploited Vulnerabilities catalog, including a critical Adobe ColdFusion bug, and told federal civilian agencies to patch by July 10, 2026.
·