#KEV
12 stories taggedKEV.

US cyber agency gives federal staff four days to patch Langflow AI tool being actively hacked
CISA added an authorisation bypass in the popular AI-agent builder Langflow to its must-patch list after Sysdig spotted attackers stealing cloud keys and hijacking servers.

CISA Flags Four Live-Exploited Bugs in Adobe, Joomla and Langflow
The US cyber agency gave federal agencies until early December to patch a critical Adobe ColdFusion flaw and three others already being abused in the wild.

CISA Flags Actively Exploited SimpleHelp Flaw, Orders Federal Agencies to Patch Fast
A newly listed authentication bypass in SimpleHelp remote-support software is being used in real attacks, and federal agencies now face a hard deadline to fix it.

Splunk Enterprise RCE Flaw Under Active Exploitation, CISA Gives Feds 72 Hours
CVE-2026-20253 allows unauthenticated remote code execution in Splunk Enterprise. Attackers didn't wait long.

The Exposures Defenders Will Be Cleaning Up in 2026
From memory-leak bugs like MongoBleed to forgotten admin panels, the attack surface keeps growing faster than patch cycles.

CISA Sets Three-Day Patch Deadline for Actively Exploited LiteSpeed cPanel Plugin Flaw
CVE-2026-54420 lands on the KEV catalog, triggering a BOD 22-01 remediation clock for federal civilian agencies.

CISA Gives Agencies 72 Hours on Ivanti Sentry Bug Under New Emergency Directive
BOD 26-04 sets a sharper clock for actively exploited flaws. First target: an Ivanti Sentry vulnerability already in attackers' hands.

Langflow Path Traversal Flaw CVE-2026-5027 Hits CISA's Exploited List
An unauthenticated write-anywhere bug in the open-source AI builder is being abused in the wild, per VulnCheck telemetry, raising fresh questions for federal users bound by BOD 22-01 patch deadlines.

CISA's New Patching Directive Drops CVSS as the North Star
BOD 26-04 introduces a four-factor framework that prioritizes internet exposure, active exploitation, and attacker automation over raw severity scores — and gives agencies three days to act on the worst cases.

CISA Triggers Federal Patch Clock on Cisco, Chrome and Arista Bugs Under KEV
Three vulnerabilities added to the Known Exploited Vulnerabilities catalog activate BOD 22-01 remediation deadlines for civilian agencies.

CISA Gives Federal Agencies Four Days to Kill a cPanel Plugin Bug Already Being Exploited
The LiteSpeed plugin sits on millions of shared hosting accounts. CISA's compressed timeline says the quiet part loud: someone's already inside.

CISA's KEV List Just Picked Up Langflow and Apex One — Both Already Being Hit
Two flaws, one AI workflow tool and one veteran endpoint suite, now carry a federal patch deadline because attackers got there first.