CISA adds five known exploited vulnerabilities to catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation:
CVE-2018-14634 Linux Kernel Integer Overflow Vulnerability, CVE-2025-52691 SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability, CVE-2026-21509 Microsoft Office Security Feature Bypass Vulnerability, CVE-2026-23760 SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability, CVE-2026-24061 GNU InetUtils Argument Injection Vulnerability.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.