Spider Cyber Team : CISA Adds 4 Actively Exploited Vulnerabilities to KEV Catalog

Published by Spider Cyber Team

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four newly discovered vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning that these flaws are actively being exploited in real-world cyberattacks.

The agency has urged federal organizations to take immediate action, setting a strict deadline in May 2026 to mitigate these threats and reduce the risk of ransomware infections and botnet activity.

Critical Vulnerabilities Identified

The newly added vulnerabilities affect widely used technologies, including remote support tools, enterprise display management systems, and networking devices. All four vulnerabilities have confirmed evidence of active exploitation in the wild.

Among the most critical is a high-severity flaw (CVSS score 9.9) impacting SimpleHelp software, which allows attackers with limited access to escalate privileges and gain full administrative control over targeted systems.

Affected Systems

The vulnerabilities impact the following platforms:

SimpleHelp remote support software (multiple flaws)
Samsung MagicINFO 9 Server
D-Link DIR-823X routers

Some of these vulnerabilities have previously been linked to malware campaigns, including variants of the Mirai botnet, which targets vulnerable devices to build large-scale attack networks.

Real-World Exploitation and Threats

Security researchers have observed active exploitation attempts targeting these vulnerabilities, indicating that attackers are rapidly weaponizing newly discovered flaws.

In particular, D-Link devices have been targeted in attacks designed to deploy botnet malware, highlighting the ongoing risks posed by unpatched network infrastructure.

CISA’s KEV Catalog and Its Importance

The KEV catalog maintained by CISA serves as a critical resource for organizations, listing vulnerabilities that are actively exploited and require immediate attention.

Security experts consider inclusion in the KEV list a strong indicator that a vulnerability poses a significant and immediate threat to systems worldwide.

Mandatory Deadline for Mitigation

CISA has set a firm deadline of May 2026 for federal agencies to apply patches or discontinue affected systems where fixes are unavailable.

Failure to comply could leave systems exposed to cyberattacks, including data breaches, system compromise, and large-scale malware infections.

Conclusion

The addition of these vulnerabilities to the KEV catalog highlights the growing speed and sophistication of modern cyber threats. Organizations are strongly advised to prioritize patching and vulnerability management to stay ahead of attackers.

As cybercriminals continue to exploit newly discovered weaknesses, proactive security measures remain the first line of defense against large-scale cyber incidents.

Keywords: