CISA
-
CISA flags LiteLLM flaw as exploited in the wild
CISA said a high-severity LiteLLM command injection flaw is being actively exploited. The bug can let authenticated users run commands on the host, and researchers warned it may be chained with a Starlette issue for unauthenticated access.
-
CISA adds exploited Magento extension flaw to known vulnerabilities list
CISA added a critical Magento extension flaw to its exploited vulnerabilities catalog after reports of active abuse. The bug, CVE-2026-45247, can allow remote code execution and affects versions of Mirasvit Cache Warmer before 1.11.12.
-
CISA warns of cyberattacks targeting fuel tank monitoring systems
CISA warned on June 3 that cyberattacks are targeting fuel tank monitoring systems used in critical infrastructure. The report did not identify the attackers or say whether the activity caused outages or damage.
-
US watchdog cites NIST for mismanaging vulnerability database, duplicate work
A Commerce inspector general report said NIST mismanaged the National Vulnerability Database, leaving a backlog of more than 27,000 unprocessed flaws and duplicating work with CISA. The agency agreed to fix six problems.
-
CISA adds exploited Langflow and Trend Micro flaws to vulnerability catalog
CISA added exploited flaws in Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities catalog on Thursday, citing active attacks. Federal civilian agencies must patch the issues by June 4, 2026.
-
CISA left GitHub repo with passwords and keys exposed for six months
CISA left a public GitHub repository exposed for six months, revealing passwords, keys and tokens in production infrastructure files. GitGuardian found the leak on May 14 and the agency removed the repo the next day.
-
Ivanti says EPMM flaw exploited in limited attacks, CISA adds it to watchlist
Ivanti said a high-severity flaw in its Endpoint Manager Mobile software has been used in limited attacks and can allow remote code execution on affected on-premises systems. CISA added the issue to its exploited vulnerability catalog.
-
Microsoft warns of exploited zero-click Windows flaw exposing sensitive data
Microsoft and CISA said attackers are exploiting CVE-2026-32202, a zero-click Windows flaw that can expose sensitive information. The issue stems from an incomplete fix for an earlier vulnerability linked to Russian espionage activity.
-
CISA adds eight exploited flaws to KEV catalog, including Cisco SD-WAN bugs
CISA added eight exploited vulnerabilities to its catalog, including three Cisco Catalyst SD-WAN Manager flaws. The list spans enterprise software from PaperCut and TeamCity to Quest KACE and Zimbra, with federal agencies given patch deadlines.
-
CISA adds Apache ActiveMQ flaw CVE-2026-34197 to exploited list
CISA says a high-severity Apache ActiveMQ Classic flaw, CVE-2026-34197, is being exploited in the wild. The agency added it to its Known Exploited Vulnerabilities catalog and ordered federal fixes by April 30.
