CISA adds two known exploited vulnerabilities to catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2025-14174 Google Chromium Out-of-Bounds Memory Access Vulnerability and CVE-2018-4063 Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability.
These types of vulnerabilities are a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.