Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA KEV update for Citrix and Git remediation

Public Sector Action
First reported
Last updated
Happening score
H score 39
1 unique sources, 1 articles

Summary

Hide ▲

CISA added three exploited flaws in Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, putting FCEB agencies on notice for active threat exposure. The update names CVE-2024-8068, CVE-2024-8069, and CVE-2025-48384. Federal civilian agencies must apply mitigations by September 15, 2025.

Related Happenings

CISA KEV listing for ASUS Live Update and FCEB cutoff

Public Sector Action
First: 18.12.2025 07:01 Last: 18.12.2025 07:01 Sources 1

About this happening: **CISA** added **ASUS Live Update** to its **KEV catalog** after evidence of **active exploitation**, making **CVE-2025-59374** a federal remediation priority. The agency told **F...

Latest development: 18.12.2025 15:27

CISA added CVE-2025-59374 to its Known Exploited Vulnerabilities (KEV) catalog and warned federal agencies to stop using Asus Live Update, a now-discontinued utility linked to a supply-chain backdoor.

Open Happening

CISA orders FCEB GeoServer patching

Public Sector Action
First: 12.12.2025 11:48 Last: 12.12.2025 11:48 Sources 1

About this happening: CISA added **CVE-2025-58360** to its **KEV Catalog** and ordered **FCEB agencies** to patch **GeoServer** by **January 1st, 2026**, tightening federal exposure to an **actively ex...

Open Happening

CISA KEV mandate for CVE-2025-62221

Public Sector Action
First: 10.12.2025 10:50 Last: 10.12.2025 10:50 Sources 1

About this happening: **CISA** added **CVE-2025-62221** to the **KEV catalog**, forcing **Federal Civilian Executive Branch (FCEB)** agencies to patch by **December 30, 2025** because the flaw is **act...

Open Happening

CISA KEV listing and federal deadline for React2Shell

Public Sector Action
First: 06.12.2025 13:40 Last: 06.12.2025 13:40 Sources 1

About this happening: CISA added **CVE-2025-55182** to the **KEV catalog** after reports of **active exploitation** of **React Server Components**. The listing turns the **React2Shell** flaw into a fed...

Open Happening

OpenPLC ScadaBR actively exploited XSS flaw (CVE-2021-26829)

Vulnerability
First: 30.11.2025 11:23 Last: 30.11.2025 11:23 Sources 1

About this happening: **CVE-2021-26829** in **OpenPLC ScadaBR** is an **actively exploited** **cross-site scripting (XSS)** flaw affecting **Windows** and **Linux** versions via **system_settings.shtm*...

Open Happening

Timeline

  1. 26.08.2025 08:55 1 articles · 9mo ago

    CISA adds Citrix Session Recording and Git flaws to KEV catalog

    Industry Or Public Sector Update

    CISA added CVE-2024-8068, CVE-2024-8069, and CVE-2025-48384 to the Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation, placing the Citrix Session Recording and Git issues into a federal remediation priority list.

    Show sources
    Open in new tab
  2. 26.08.2025 08:55 1 articles · 9mo ago

    FCEB agencies face September 15, 2025 mitigation deadline

    Legal Policy Action Update

    Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary mitigations by September 15, 2025 to secure their networks against active threats tied to the listed Citrix Session Recording and Git vulnerabilities.

    Show sources
    Open in new tab