Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > KEV
#KEV

CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation

18 June 2026  |  dark6  |  Ransomware

CISA has added a critical Oracle PeopleSoft vulnerability (CVE-2026-35273) to its Known Exploited Vulnerabilities catalog after confirming active exploitation in ransomware campaigns. The flaw allows unauthenticated attackers to...

>> read more

CISA Warns: SolarWinds Serv-U CVE-2026-28318 Actively Exploited — Zero-Auth DoS Attack Hits File Transfer Platform

8 June 2026  |  dark6  |  Vulnerability

CISA has added CVE-2026-28318, a zero-authentication denial-of-service flaw in SolarWinds Serv-U, to its Known Exploited Vulnerabilities catalog. Attackers can crash the service remotely with a single crafted HTTP...

>> read more

CISA Adds Actively Exploited Linux Kernel CVE-2022-0492 to KEV Catalog — Patch Now

8 June 2026  |  dark6  |  Vulnerability

CISA has added CVE-2022-0492, a Linux kernel improper authentication flaw, to its Known Exploited Vulnerabilities catalog. The vulnerability enables privilege escalation and container escape attacks and is being...

>> read more

CISA Adds Two Actively Exploited Microsoft Defender Zero-Days to KEV Catalog — Patch by June 3

23 May 2026  |  dark6  |  Vulnerability

CISA has added two critical Microsoft Defender vulnerabilities — CVE-2026-45498 and CVE-2026-41091 — to its Known Exploited Vulnerabilities catalog following evidence of active exploitation in the wild. Federal...

>> read more

CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges

18 April 2026  |  dark6  |  Vulnerability

CISA has added CVE-2026-34197, a high-severity (CVSS 8.8) deserialization flaw in Apache ActiveMQ Classic, to its Known Exploited Vulnerabilities catalog after active exploitation was detected within 48 hours...

>> read more