Technology ❯ Cybersecurity ❯ Vulnerabilities

Known Exploited Vulnerabilities

CISA CISA Catalog CISA Actions CVE-2025-55177 Apache ActiveMQ CVE-2026-22769 TP-Link Flaws CVE-2025-11371 CVE-2025-14611 CVE-2025-68613

CISA Orders Rapid Patch for LiteSpeed cPanel Flaw That Lets Attackers Escalate to Root

The agency says the vulnerability is being actively exploited and has given federal agencies a June 18 deadline to remediate.

Arista Declines Patch for Actively Exploited EOS Tunnel Flaw

CISA Adds LiteLLM Command‑Injection Flaw to Known Exploited Vulnerabilities List

Active Exploitation of Palo Alto GlobalProtect Flaw Forces Urgent Patching

CISA Adds Eight Exploited Vulnerabilities to KEV and Sets Rapid Federal Patch Deadlines

CISA Adds ActiveMQ RCE to KEV With April 30 Patch Deadline

CISA Adds Actively Exploited Langflow RCE to KEV, Sets April 8 Deadline

CISA Flags SharePoint, Zimbra Flaws as Actively Exploited, Sets Rapid Federal Patching Deadlines

CISA Adds Actively Exploited Wing FTP Flaw to KEV With March 30 Fix Deadline

CISA Puts Actively Exploited n8n RCE on KEV, Orders Federal Patching by March 25

CISA Adds Three Actively Exploited Flaws to KEV, Sets Fast Federal Patching Deadlines

CISA Puts Exploited FileZen Bug on KEV With March 17 Fix Deadline

Dell Patches RecoverPoint Zero-Day Exploited Since 2024 by Suspected China Group

CISA Adds Chrome Zero-Day and Legacy Bugs to KEV With March 10 Patch Deadline

CISA Flags SmarterMail RCE as Ransomware Target, Sets Feb. 26 Patch Deadline

CISA Forces Three-Day Patch for Actively Exploited SolarWinds Web Help Desk Flaw

Ivanti EPMM Zero-Day RCE Flaws Exploited as CISA Orders Rapid Mitigation

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog With Feb. 12 Remediation Deadline

CISA Adds HPE OneView, Microsoft Office Flaws to Exploited Vulnerabilities List

Apple, Google Rush Patches as CISA Flags WebKit Zero‑Day Exploits