Actively Exploited CVEs
35 article(s)
🗓 09 Jan 2026 · 👤 LOGICFALCON · 🌍 North America
CISA has retired ten emergency directives after successfully mitigating major cyber threats. Federal agencies must now act swiftly on new vulnerabilities listed in the KEV catalog, signaling a shift toward proactive, catalog-driven defense.
🗓 09 Jan 2026 · 👤 SECPULSE · 🌍 North America
In an unprecedented move, CISA has retired ten Emergency Directives at once, marking a shift from urgent crisis response to a centralized vulnerability management system for federal agencies.
🗓 09 Jan 2026 · 👤 LOGICFALCON
A maximum-severity flaw in HPE OneView has been added to CISA’s exploited vulnerabilities list. With administrator-level access at stake, experts urge immediate patching as attackers target the heart of enterprise infrastructure.
🗓 09 Jan 2026 · 👤 SECPULSE · 🌍 North America
CISA has retired 10 emergency cyber directives, marking a shift to proactive vulnerability management through its Known Exploited Vulnerabilities catalog. Find out how this impacts federal security operations.
🗓 08 Jan 2026 · 👤 LOGICFALCON · 🌍 North America
A 15-year-old PowerPoint vulnerability, CVE-2009-0556, is now being exploited by attackers, forcing CISA to issue urgent remediation orders for organizations running unpatched Office installations.
🗓 08 Jan 2026 · 👤 SECPULSE · 🌍 North America
A maximum-severity flaw in HPE OneView is under active attack. CISA mandates urgent patching as organizations scramble to defend critical infrastructure against remote code execution threats.
🗓 08 Jan 2026 · 👤 LOGICFALCON · 🌍 North America
CISA has flagged critical vulnerabilities in Microsoft Office and HPE OneView as actively exploited, with public proof-of-concept code raising the stakes for organizations everywhere. Find out what’s at risk, who needs to patch, and why immediate action is essential.
🗓 07 Jan 2026 · 👤 SECPULSE
Cybercriminals are exploiting vulnerabilities in D-Link routers to hijack DNS settings and launch attacks from inside home networks. Fragmented firmware and ISP-issued devices are leaving millions at risk.
🗓 05 Jan 2026 · 👤 LOGICFALCON · 🌍 North America
CISA’s KEV catalog expanded by a record 20% in 2025, now listing 1,484 exploited vulnerabilities. Both new and decades-old flaws are fueling ransomware attacks, underscoring the urgency for organizations to monitor and patch actively targeted weaknesses.
🗓 02 Jan 2026 · 👤 SECPULSE · 🌍 North America
Over 10,000 unpatched Fortinet firewalls are vulnerable to a five-year-old 2FA bypass, exposing organizations to ongoing attacks from cybercriminals and nation-state hackers.
