CISA adds seven known exploited vulnerabilities to catalog
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2010-3765 Mozilla Multiple Products Remote Code Execution Vulnerability, CVE-2010-3962 Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability, CVE-2011-3402 Microsoft Windows Remote Code Execution Vulnerability, CVE-2013-3918 Microsoft Windows Out-of-Bounds Write Vulnerability, CVE-2021-22555 Linux Kernel Heap Out-of-Bounds Write Vulnerability, CVE-2021-43226 Microsoft Windows Privilege Escalation Vulnerability, CVE-2025-61882 Oracle E-Business Suite Unspecified Vulnerability.
These types of vulnerabilities are frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise.