BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·41d ago

CISA Adds Four Known Exploited Vulnerabilities to Catalog

p CISA has added four new vulnerabilities to its a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" Known Exploited Vulnerabilities (KEV) Catalog /a , based on evidence of active exploitation. /p ul li a href="https://www.cve.org/CVERecord?id=CVE-2024-7399" target="_blank" CVE-2024-7399 /a nbsp;Samsung nbsp;MagicINFO nbsp;9 Server Path Traversal Vulnerability /li li a href="https://www.cve.org/CVERecord?id=CVE-2024-57726" target="_blank" CVE-2024-57726 /a nbsp;SimpleHelp nbsp;Missing Authorization Vulnerability /li li a href="https://www.cve.org/CVERecord?id=CVE-2024-57728" target="_blank" CVE-2024-57728 /a nbsp;SimpleHelp nbsp;Path Traversal Vulnerability /li li a href="https://www.cve.org/CVERecord?id=CVE-2025-29635" target="_blank" CVE-2025-29635 /a nbsp;D-Link DIR-823X Command Injection Vulnerability nbsp; /li /ul p These nbsp;types nbsp;of vulnerabilities nbsp;are nbsp;frequent attack vectors nbsp;for malicious cyber actors and pose significant risks to the federal enterprise. nbsp; /p p a href="https://www.cisa.gov/binding-operational-directive-22-01" Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities /a nbsp;established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the nbsp; a href="https://www.cisa.gov/sites/default/files/publications/Reducing_the_Significant_Risk_of_Known_Exploited_Vulnerabilities_211103.pdf" BOD 22-01 Fact Sheet /a nbsp;for more information. nbsp; /p p Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing nbsp;timely nbsp;remediation of nbsp; a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" KEV Catalog vulnerabilities /a nbsp;as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the nbsp; a href="https://www.cisa.gov/known-exploited-vulnerabilities" specified criteria /a . nbsp; /p

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/alerts/2026/04/24/cisa-adds-four-known-exploited-vulnerabilities-catalog

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin