Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
20 articles

#KEV

All CosmicBytez Labs articles tagged #KEV, across news, security advisories, how-to guides, and projects.

  • NewsJul 17, 2026

    CISA Orders Immediate Patching of Actively Exploited Fortinet FortiSandbox Flaws

    CISA added two critical Fortinet FortiSandbox OS command injection vulnerabilities to its KEV catalog and gave federal agencies just three days to patch, as active exploitation continues against the security appliance platform.

  • NewsJul 13, 2026

    iCagenda and Balbooa Forms Joomla Flaws Exploited as Zero-Days

    CISA has added two maximum-severity flaws in iCagenda and Balbooa Forms Joomla extensions to its KEV catalog following confirmed zero-day exploitation in the wild. Administrators should patch or mitigate immediately.

  • NewsJul 8, 2026

    CISA Orders Feds to Prioritize Patching Langflow Auth Bypass Flaw

    CISA added CVE-2026-55255, a CVSS 9.9 IDOR authorization bypass in Langflow, to its Known Exploited Vulnerabilities catalog on July 7, ordering U.S....

  • NewsJun 27, 2026

    CISA Sets Urgent Deadline to Fix Cisco Flaw Actively Exploited in Attacks

    CISA has added a Cisco Unified Communications Manager Server vulnerability to its Known Exploited Vulnerabilities catalog and ordered federal agencies to...

  • NewsJun 26, 2026

    CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

    CISA has added CVE-2026-12569, a critical remote code execution vulnerability in PTC Windchill PDMlink and FlexPLM, to its Known Exploited Vulnerabilities...

  • NewsletterJun 17, 2026

    June 17 Digest: Teams C2 Evasion, Copilot Data Theft, iRhythm Breach, cPanel KEV

    DragonForce hides C2 inside Microsoft Teams relay traffic; a SearchLeak attack weaponizes M365 Copilot for one-click data exfiltration; iRhythm confirms...

  • NewsJun 16, 2026

    CISA Warns of Another Actively Exploited cPanel Plugin Flaw

    CISA has added CVE-2026-54420, an actively exploited vulnerability in the LiteSpeed cPanel user-end plugin, to its Known Exploited Vulnerabilities catalog...

  • NewsJun 9, 2026

    CISA Gives Feds 3 Days to Patch Check Point VPN Bug Exploited as Zero-Day

    CISA ordered federal agencies to patch a critical Check Point Remote Access VPN flaw within 3 days after Qilin ransomware affiliates were confirmed...

  • NewsJun 7, 2026

    CISA: Hackers Now Exploit SolarWinds Serv-U Flaw to Crash Servers

    CISA added a high-severity SolarWinds Serv-U flaw to its KEV catalog after confirming attackers are actively exploiting it to crash file transfer servers.

  • NewsJun 4, 2026

    CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

    CISA has added a critical remote code execution vulnerability in the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities catalog…

  • NewsMay 27, 2026

    CISA Gives Feds 4 Days to Patch Actively Exploited cPanel Plugin Flaw

    CISA's emergency directive gives federal agencies four days to patch the actively exploited LiteSpeed cPanel plugin flaw being weaponized in the wild.

  • NewsMay 23, 2026

    Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

    CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal Core, to its Known Exploited Vulnerabilities catalog following confirmed in-the-wild...

  • NewsMay 8, 2026

    CISA Gives Federal Agencies Four Days to Patch Actively

    CISA has added a high-severity Ivanti Endpoint Manager Mobile vulnerability to the Known Exploited Vulnerabilities catalog and issued an emergency...

  • NewsMay 3, 2026

    CISA Adds Actively Exploited Linux Root Access Bug

    The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...

  • NewsApr 25, 2026

    CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal

    CISA has added four actively exploited vulnerabilities affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers to its Known...

  • NewsMar 29, 2026

    CISA: New Langflow Flaw Actively Exploited to Hijack AI

    CISA has added CVE-2026-33017, a critical unauthenticated remote code execution vulnerability in the Langflow AI framework, to its Known Exploited...

  • NewsMar 28, 2026

    CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM

    CISA has added CVE-2025-53521, a critical vulnerability in F5 BIG-IP Access Policy Manager, to its Known Exploited Vulnerabilities catalog after...

  • NewsMar 19, 2026

    CISA Adds Zimbra XSS and SharePoint RCE to KEV; Cisco FMC

    CISA added actively exploited Zimbra Collaboration Suite and Microsoft SharePoint vulnerabilities to its Known Exploited Vulnerabilities catalog on March...

  • SecurityFeb 23, 2026

    CISA Adds Two Actively Exploited Roundcube Webmail Flaws to KEV

    CISA has added two Roundcube Webmail vulnerabilities to the Known Exploited Vulnerabilities catalog — CVE-2025-49113 (CVSS 9.9, deserialization RCE) and...

  • SecurityFeb 4, 2026

    CISA Adds Four Critical Vulnerabilities to KEV Catalog

    CISA has updated the Known Exploited Vulnerabilities catalog with four actively exploited flaws including Microsoft Office and SmarterMail vulnerabilities.