CISA added eight vulnerabilities to its Known Exploited Vulnerabilities catalog, including three affecting Cisco Catalyst SD-WAN Manager (CVE-2026-20133, CVE-2026-20128, CVE-2026-20122), with Cisco confirming active exploitation of two of those in March 2026. US federal civilian agencies must remediate all eight flaws by April 20, 2026, while other listed issues include exploited bugs in PaperCut NG/MF linked to Lace Tempest, JetBrains TeamCity, Quest KACE appliances, and Synacor Zimbra. #CiscoCatalystSDWAN #CVE-2026-20133 #LaceTempest #PaperCutNGMF #Zimbra
Keypoints
- CISA added eight vulnerabilities to its KEV catalog, including three targeting Cisco Catalyst SD-WAN Manager.
- Cisco confirmed CVE-2026-20128 and CVE-2026-20122 were actively exploited in early March 2026.
- VulnCheck warned that CVE-2026-20133 poses higher risk and may already be exploited despite no public confirmation.
- Other KEV additions include exploited flaws in PaperCut NG/MF (linked to Lace Tempest), JetBrains TeamCity, Quest KACE, and Synacor Zimbra.
- US federal civilian agencies are required to remediate all eight vulnerabilities by April 20, 2026.