CISA KEV

CISA Adds Critical CVE-2025-5086 in DELMIA Apriso to KEV Catalog Amid Active Exploitation

Cybercrime, News, Policy, Vulnerabilities

September 12, 2025

The U.S. Cybersecurity and Infrastructure Security Agency added CVE-2025-5086, a critical remote-code-execution flaw in DELMIA Apriso, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation emerged, prompting urgent patching across affected deployments.
CISA Adds Two N-able N-central Vulnerabilities to KEV; MSP Patch Push Underway

News, Policy, Risk, Vendors, Vulnerabilities

August 14, 2025

U.S. authorities added two vulnerabilities in N-able N-central to the Known Exploited Vulnerabilities catalog, while noting no public exploitation has been reported. The flaws—CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (command injection)—require authentication and have been patched in N-central versions 2025.3.1 and 2024.6 HF2, with upgrades urged for on-premises deployments.