Advertisement
CVE-2025-53521: CISA Warns of Active F5 BIG-IP APM RCE Exploitation
CISA adds CVE-2025-53521 to its KEV catalog following active exploitation of F5 BIG-IP APM. The critical RCE flaw carries a CVSS v4 score of 9.3.
CVE-2025-53521: F5 BIG-IP RCE — Patch Now for Active Exploitation
CISA adds CVE-2025-53521, an actively exploited F5 BIG-IP Remote Code Execution (RCE) vulnerability, to its KEV Catalog. Immediate patching is critical.
TeamPCP Supply Chain: Checkmarx Wider Scope & LiteLLM PyPI Compromise
An update on the TeamPCP supply chain campaign details wider Checkmarx impact, LiteLLM PyPI compromise, and a CISA KEV entry.
CVE-2026-33634: Aqua Trivy Embedded Malicious Code — Patch Now
CISA adds CVE-2026-33634, an Aqua Security Trivy Embedded Malicious Code Vulnerability, to KEV catalog due to active exploitation.
CVE-2026-33017: Langflow Code Injection - Patch Immediately
CISA adds actively exploited Langflow Code Injection Vulnerability (CVE-2026-33017) to KEV catalog. Critical patch urged for all organizations.
CVE-2025-66376: ZCS Cross-Site Scripting Actively Exploited
CISA adds CVE-2025-66376, a Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting vulnerability, to its KEV Catalog due to active exploitation. Immediate
CVE-2024-4510: Zimbra Collaboration Suite XSS Exploitation Guide
CISA adds CVE-2024-4510 to the KEV catalog following active exploitation of a Zimbra Collaboration Suite XSS vulnerability. Patch ZCS version 9.0.0 today.
CVE-2024-50498: Wing FTP Server Exploited in RCE Chains — Patch Now
CISA adds CVE-2024-50498 to its KEV catalog after reports of active exploitation. Learn how to secure Wing FTP Server versions prior to 7.5.0 from RCE chains.
Ivanti EPM CVE-2024-29824 Exploited: Technical Analysis and Patching
CISA warns of active exploitation of CVE-2024-29824 in Ivanti Endpoint Manager. Secure your Core server with our technical analysis and mitigation guide.
CVE-2024-29847: Ivanti EPM RCE Under Active Exploitation - Patch Now
CISA warns of active exploitation of a critical Ivanti EPM vulnerability (CVE-2024-29847). Learn how to mitigate this unauthenticated RCE threat immediately.
CISA Flags SolarWinds, Ivanti, and Workspace One Flaws in KEV Update
CISA adds vulnerabilities in SolarWinds, Ivanti, and Omnissa Workspace One UEM to its Known Exploited Vulnerabilities catalog following active exploitation.
CVE-2026-1603: CISA Warns of Active Ivanti and SolarWinds Exploitation
CISA adds CVE-2026-1603, CVE-2025-26399, and CVE-2021-22054 to the KEV catalog, requiring immediate remediation for Ivanti, SolarWinds, and Omnissa systems.