CISA adds two known exploited vulnerabilities to catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2022-37055 D-Link Routers Buffer Overflow Vulnerability, CVE-2025-66644 Array Networks ArrayOS AG OS Command Injection Vulnerability.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.