CISA Flags Oracle WebLogic Flaw as Actively Exploited

The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a high-severity Oracle WebLogic flaw, CVE-2024-21182, as actively exploited, prompting federal agencies to apply fixes by June 4, 2026. This critical vulnerability, rated 7.5 by CVSS, was added to CISA's Known Exploited Vulnerabilities Catalog after evidence…

https://osintsights.com/cisa-flags-oracle-weblogic-flaw-as-actively-exploited?utm_source=mastodon&utm_medium=social

#OracleWeblogic #Cve202421182 #Cisa #KnownExploitedVulnerabilities #EmergingThreats

CISA Opens KEV Nominations to Bolster Vulnerability Intelligence

CISA is now accepting nominations for its Known Exploited Vulnerabilities catalog, empowering public reporting to strengthen the nation's cybersecurity posture by quickly identifying and mitigating exploited vulnerabilities. By submitting through the new KEV nomination form, you're helping to keep federal,…

https://osintsights.com/cisa-opens-kev-nominations-to-bolster-vulnerability-intelligence?utm_source=mastodon&utm_medium=social

#VulnerabilityDisclosure #KnownExploitedVulnerabilities #Kev #Cisa #VulnerabilityIntelligence

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on two major vulnerabilities, CVE-2025-34291 and CVE-2026-34926, currently being exploited by hackers, and is requiring federal agencies to patch them by June 4, 2026. These weaknesses, found in Langflow and Trend Micro Apex One, could…

https://osintsights.com/cisa-flags-actively-exploited-langflow-trend-micro-vulnerabilities?utm_source=mastodon&utm_medium=social

#KnownExploitedVulnerabilities #Cve202534291 #Cve202634926 #Langflow #TrendMicro

Ivanti EPMM Flaw Exploited, Grants Admin-Level Access

A critical flaw in Ivanti's Endpoint Manager Mobile (EPMM) has been exploited, allowing attackers to gain admin-level access - and the government is taking swift action to mitigate the threat. Federal agencies are now required to remediate the vulnerability, known as CVE-2026-6973, by May 10, 2026.

https://osintsights.com/ivanti-epmm-flaw-exploited-grants-admin-level-access?utm_source=mastodon&utm_medium=social

#IvantiEpmmFlaw #Cve20266973 #EndpointManagerMobile #RemoteCodeExecution #KnownExploitedVulnerabilities

CISA Warns of Active Exploits in Apache ActiveMQ Vulnerability

A 13-year-old vulnerability in Apache ActiveMQ has suddenly become a pressing concern, prompting the Cybersecurity and Infrastructure Security Agency (CISA) to issue an urgent directive for federal agencies to patch the flaw within two weeks. Attackers are already exploiting this long-dormant vulnerability,…

https://osintsights.com/cisa-warns-of-active-exploits-in-apache-activemq-vulnerability?utm_source=mastodon&utm_medium=social

#ApacheActivemq #Cisa #VulnerabilityManagement #EmergingThreats #KnownExploitedVulnerabilities

CISA Flags Apache ActiveMQ Flaw as Actively Exploited

The US Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on a high-severity flaw in Apache ActiveMQ Classic, warning that it's being actively exploited by hackers - and giving organizations a narrow window to assess their exposure and respond. With a CVSS score of 8.8, this vulnerability is a critical…

https://osintsights.com/cisa-flags-apache-activemq-flaw-as-actively-exploited?utm_source=mastodon&utm_medium=social

#ApacheActivemq #Cve202634197 #Cisa #KnownExploitedVulnerabilities #EmergingThreats

Die #Schwachstelle CVE-2022-27926 in der #Zimbra Collaboration Suite wird von einer russischen #Hackergruppe, die als Winter Vivern und TA473 bekannt ist, bei Angriffen auf #NATO-Regierungsbehörden ausgenutzt, warnt die #CISA in den #USA.

#KnownExploitedVulnerabilities #KEV

https://www.bleepingcomputer.com/news/security/cisa-warns-of-zimbra-bug-exploited-in-attacks-against-nato-countries/