CISA Adds Six Actively Exploited Vulnerabilities to KEV Across Fortinet, Microsoft, and Adobe

CISA added six vulnerabilities to its Known Exploited Vulnerabilities catalog due to active exploitation: CVE-2026-21643 (Fortinet FortiClient EMS SQL injection), CVE-2020-9715 (Adobe Acrobat Reader use-after-free), CVE-2023-36424 (Windows CLFS out-of-bounds read), CVE-2023-21529 (Exchange Server deserialization leading to remote code execution), CVE-2025-60710 (Windows Task Scheduler local privilege escalation), and CVE-2012-1854 (VBA insecure library loading enabling remote code execution). Defused Cyber reported exploitation of CVE-2026-21643 since March 24, 2026; Storm-1175 has weaponized CVE-2023-21529 to deliver Medusa ransomware; CVE-2012-1854 had targeted-attack activity in 2012. There is no public exploitation yet for the other three. FCEB agencies must patch by April 27, 2026, with FortiClient EMS fixes due by April 16, 2026.
- CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software (The Hacker News)
- Ancient Excel bug comes out of retirement for active attacks (theregister.com)
- Active exploitation of old Microsoft bugs prompt CISA catalog inclusion (SC Media)
- Warning of attacks on 17-year-old Excel vulnerability (heise online)
- Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities (SecurityWeek)