CISA KEV mitigation deadline for actively exploited flaws
Advisory/Mitigation
Summary
Hide ▲
Show ▼
CISA told FCEB agencies to apply mitigations for actively exploited KEV-listed flaws by October 20, 2025, creating a federal remediation deadline for systems exposed to Sudo, Cisco IOS/IOS XE, Fortra GoAnywhere MFT, Adminer, and Libraesva ESG. The guidance matters because the vulnerabilities are already being used in the wild. It effectively forces civil agencies to accelerate defenses across several widely deployed products.
Related Happenings
CERT-In 12-hour KEV remediation guidance
Advisory/Mitigation
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CERT-In 12-hour KEV remediation guidance
Advisory/MitigationAbout this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
First: 26.05.2026 11:46
Last: 26.05.2026 11:46
Sources 1
About this happening:
**CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
CISA orders FCEB patching for CVE-2026-9082
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
Drupal core security update for CVE-2026-9082
Security Patch Release
First: 22.05.2026 16:14
Last: 22.05.2026 16:14
Sources 1
About this happening:
**Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...
Drupal core security update for CVE-2026-9082
Security Patch ReleaseAbout this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...
Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)
Vulnerability
First: 22.05.2026 08:47
Last: 22.05.2026 08:47
Sources 1
About this happening:
**CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...
Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)
VulnerabilityAbout this happening: **CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...
CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182
Public Sector Action
First: 15.05.2026 08:28
Last: 15.05.2026 08:28
Sources 1
About this happening:
**CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...
CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...
Timeline
-
30.09.2025 08:41 3 articles · 7mo ago
CISA sets October 20, 2025 mitigation deadline for KEV-listed flaws
Legal Policy Action UpdateCISA added CVE-2025-32463 in Sudo and four other vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation in the wild, and directed Federal Civilian Executive Branch (FCEB) agencies using the affected products to apply the necessary mitigations by October 20, 2025. The guidance covered Sudo versions prior to 1.9.17p1, Adminer, Cisco IOS and IOS XE, Fortra GoAnywhere MFT, and Libraesva Email Security Gateway (ESG).
Show sources
- CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems — thehackernews.com — 30.09.2025 08:41
- CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems — thehackernews.com — 30.09.2025 08:41
- CISA warns of critical Linux Sudo flaw exploited in attacks — www.bleepingcomputer.com — 30.09.2025 16:42