Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

CISA adds Adobe Experience Manager flaw to KEV catalog

Public Sector Action
First reported
Last updated
Happening score
H score 31
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2025-54253 affecting Adobe Experience Manager to its KEV catalog, turning the flaw into a federal remediation priority because it is under active exploitation. The listing matters because the bug is a 10.0-rated misconfiguration issue that can enable arbitrary code execution. Federal civilian agencies were told to apply fixes by November 5, 2025.

Related Happenings

CISA KEV order for SolarWinds Serv-U CVE-2026-28318

Public Sector Action
H score50 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **CISA** added **CVE-2026-28318** affecting **SolarWinds Serv-U** to the **KEV catalog** and ordered **FCEB agencies** to remediate it by **June 19, 2026**. The directive expands...

Open Happening

Mirasvit Cache Warmer RCE (CVE-2026-45247)

Vulnerability
H score9 First: 04.06.2026 10:19 Last: 04.06.2026 10:19 Sources 1

About this happening: **CVE-2026-45247** is a critical **deserialization of untrusted data** flaw in **Mirasvit Cache Warmer** that enables **unauthenticated remote code execution** on affected Magento...

Open Happening

Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)

Vulnerability
H score44 First: 22.05.2026 08:47 Last: 22.05.2026 08:47 Sources 1

About this happening: **CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...

Open Happening

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
H score37 First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

Open Happening

CISA KEV directive for CVE-2026-20133

Public Sector Action
H score36 First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

Timeline

  1. 16.10.2025 07:26 2 articles · 8mo ago

    Initial report: CISA adds Adobe Experience Manager flaw to KEV catalog

    Initial Disclosure

    CISA formally moved **CVE-2025-54253** into the **KEV catalog** after evidence of **active exploitation**. That initial step made the Adobe issue a federal remediation priority rather than a routine vendor advisory.

    Show sources
    Open in new tab