For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains …

Jul 10, 2025 · CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

Oct 20, 2025 · CISA has added five new vulnerabilities to its KEV Catalog, based on evidence of active exploitation.

Aug 6, 2025 · . For more information see MAR-251132.c1.v1 Exploitation of SharePoint Vulnerabilities and CISA Releases Malware Analysis Report Associated with Microsoft …

Oct 4, 2023 · CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-42793 JetBrains TeamCity …

Sep 29, 2025 · CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-21311

Update May 13: In an effort to enhance user experience and highlight the most timely and actionable information for cyber defenders, CISA announced a shift in how we share …

CISA’s Emergency Directive 26-01 calls on federal agencies to identify, analyze, and mitigate vulnerabilities in F5 products to protect against an ongoing exploitation by nation-state threat …

Subscribing to automatic updates from CISA.gov is often the best way to stay on top of breaking news and information about our mission areas. Use this page to sign up for e-mail updates, …

Learn about the importance of CISA's Known Exploited Vulnerability (KEV) catalog and how to use it to help build a collective resilience across the cybersecurity community.