CISA adds SolarWinds Serv-U CVE-2026-28318 to KEV, DoS in the wild
CISA added CVE-2026-28318 — an unauthenticated DoS in SolarWinds Serv-U — to KEV on June 5. CVSS 7.5. Fix is 15.5.4 Hotfix 1. FCEB deadline June 19.
CISA added the two-year-old Oracle WebLogic auth-bypass CVE-2024-21182 to KEV on June 1, citing active exploitation. Federal agencies have until June 4 to patch.
Google's June 2026 Android Security Bulletin fixes 124 flaws, including a Framework integer overflow under limited, targeted exploitation. CISA wants federal agencies patched by 5 June.
PAN-OS portals with authentication-override cookies on a shared certificate let attackers forge a valid session. Rapid7 observed exploitation since May 17. Federal patch deadline June 19.
CISA added CVE-2025-34291 to the KEV catalog on May 21. An overly permissive CORS configuration and a misconfigured refresh-token cookie chain together to allow account takeover and code execution in Langflow ≤ 1.6.9.