CISA added eight actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on April 21, 2026, covering products such as PaperCut NG/MF, JetBrains TeamCity, Quest KACE SMA, Zimbra Collaboration Suite, Kentico Xperience, and Cisco Catalyst SD‑WAN Manager. The update carries federal remediation deadlines for April–May 2026, and CISA urges prioritized patching, noting past exploitation links such as Lace Tempest using CVE-2023-27351 to deploy Cl0p and LockBit.
#CVE-2023-27351 #CVE-2024-27199 #LaceTempest #Cl0p #LockBit #Zimbra #CiscoCatalyst
Key points
- CISA added eight actively exploited vulnerabilities to the KEV catalog on April 21, 2026.
- CVE-2023-27351 (PaperCut NG/MF) and CVE-2024-27199 (JetBrains TeamCity) are highlighted for ongoing exploitation and enterprise impact.
- Three of the newly listed flaws affect Cisco Catalyst SD‑WAN Manager, involving file overwrite, recoverable passwords, and sensitive data exposure.
- CVE-2025-48700 is a high‑risk XSS in Zimbra Collaboration Suite that affects multiple versions; vendor patches are available.
- CISA set federal remediation deadlines for April–May 2026 and recommends organizations prioritize KEV catalog items for patching and mitigation.
Read More: https://thecyberexpress.com/cisa-kev-catalog-vulnerabilities/