CISA adds three exploited vulnerabilities to KEV with federal remediation deadline
Public Sector Action
Summary
Hide ▲
Show ▼
CISA added three exploited vulnerabilities to the KEV catalog, requiring federal agencies to apply the patches by November 4, 2025. The action turns already exploited flaws into a mandatory government remediation item and raises the urgency of patching across affected federal systems. The listed issues include CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827.
Related Happenings
CERT-In 12-hour KEV remediation guidance
Advisory/Mitigation
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CERT-In 12-hour KEV remediation guidance
Advisory/MitigationAbout this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CERT-In issues 12-hour patch guidance for Indian organizations
Public Sector Action
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
**CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...
CERT-In issues 12-hour patch guidance for Indian organizations
Public Sector ActionAbout this happening: **CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...
Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)
Vulnerability
First: 22.05.2026 08:47
Last: 22.05.2026 08:47
Sources 1
About this happening:
**CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...
Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)
VulnerabilityAbout this happening: **CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector Action
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector ActionAbout this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
First: 03.05.2026 09:26
Last: 03.05.2026 09:26
Sources 1
About this happening:
CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector ActionAbout this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
Timeline
-
15.10.2025 12:23 2 articles · 7mo ago
CISA adds three exploited vulnerabilities to KEV
Legal Policy Action UpdateCISA added CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827 to the Known Exploited Vulnerabilities (KEV) catalog and required U.S. federal agencies to apply available patches by November 4, 2025. The listed flaws were already being exploited in the wild, spanning two Windows elevation-of-privilege vulnerabilities and a Secure Boot bypass in IGEL OS before 11.
Show sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23