#cisa-kev-catalog

[ follow ]
#remote-code-execution #active-exploitation #vmware-aria-operations #n8n-vulnerability #expression-injection
Information security
fromthehackernews.com
1 day ago

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA added a critical n8n vulnerability (CVE-2025-68613) with a 9.9 CVSS score to its Known Exploited Vulnerabilities catalog due to active exploitation, enabling remote code execution through expression injection in authenticated users.
Information security
fromSecurityWeek
2 days ago

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA added three critical vulnerabilities to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch them within one to two weeks due to active exploitation threats.
fromSecurityWeek
6 days ago

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

The vulnerability, related to an insufficiently protected cryptographic key, could allow a remote, unauthenticated attacker to bypass verification and connect to a targeted controller by mimicking an engineering workstation. In a real-world industrial environment, the vulnerability could allow remote attackers to manipulate PLC logic and disrupt manufacturing processes, or even cause physical damage to equipment.
Information security
fromSecurityWeek
1 week ago

VMware Aria Operations Vulnerability Exploited in the Wild

A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. CISA added CVE-2026-22719 to its Known Exploited Vulnerabilities (KEV) catalog on Tuesday, instructing federal agencies to address it by March 24.
Information security
fromThe Hacker News
1 week ago

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

A malicious unauthenticated actor may exploit this issue to execute arbitrary commands, which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. The shortcoming was addressed, along with CVE-2026-22720, a stored cross-site scripting vulnerability, and CVE-2026-22721, a privilege escalation vulnerability that could result in administrative access.
Information security
Information security
fromThe Hacker News
2 weeks ago

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

CISA added CVE-2026-25108, an OS command injection vulnerability in FileZen, to its Known Exploited Vulnerabilities catalog due to active exploitation evidence.
Information security
fromSecurityWeek
1 month ago

Organizations Warned of Exploited Linux Vulnerabilities

Critical GNU Inetutils telnetd authentication bypass (CVE-2026-24061) enables remote root via crafted Telnet USER variable, and kernel integer overflow (CVE-2018-14634) permits privilege escalation.
Information security
fromTheregister
2 months ago

CISA flags exploited Office relic alongside fresh HPE flaw

Attackers actively exploit a critical HPE OneView code-injection vulnerability (CVE-2025-37164) and a legacy PowerPoint code-injection flaw (CVE-2009-0556).
[ Load more ]