Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA KEV remediation mandate for DELMIA Apriso flaws

Public Sector Action
First reported
Last updated
Happening score
H score 50
2 unique sources, 2 articles

Summary

Hide ▲

CISA added DELMIA Apriso vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog, putting Federal Civilian Executive Branch (FCEB) agencies on a three-week remediation clock. The action matters because the flaws are being actively exploited and federal networks must secure affected systems by November 18. CISA also tied the requirement to BOD 22-01 and urged administrators to apply vendor mitigations or stop using the product if mitigations are unavailable.

Related Happenings

CISA revises CIRCIA town hall schedule

Public Sector Action
First: 26.05.2026 15:00 Last: 26.05.2026 15:00 Sources 1

About this happening: CISA **revised the schedule** for **virtual town halls** on the **CIRCIA rulemaking**, reopening stakeholder engagement on a cybersecurity reporting rule that will affect **critic...

Open Happening

CERT-In 12-hour KEV remediation guidance

Advisory/Mitigation
First: 26.05.2026 13:30 Last: 26.05.2026 13:30 Sources 1

About this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...

Open Happening

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...

Open Happening

Congress demands CISA answers on GitHub credential leak

Public Sector Action
First: 22.05.2026 19:34 Last: 22.05.2026 19:34 Sources 1

About this happening: **Lawmakers in both houses of Congress** demanded answers from **CISA** after a contractor exposed **AWS GovCloud keys** and other secrets on **public GitHub**. The letters presse...

Open Happening

CISA launches KEV Nomination Form

Public Sector Action
First: 21.05.2026 15:00 Last: 21.05.2026 15:00 Sources 1

About this happening: CISA launched a **new Nomination Form** for the **KEV catalog**, giving **researchers, vendors, and industry partners** a direct way to report **known exploited vulnerabilities**....

Open Happening

Timeline

  1. 28.10.2025 20:59 2 articles · 7mo ago

    CISA adds DELMIA Apriso flaws to KEV Catalog

    Legal Policy Action Update

    CISA added actively exploited CVE-2025-6205 and CVE-2025-6204 in Dassault Systèmes DELMIA Apriso to the Known Exploited Vulnerabilities (KEV) Catalog and required Federal Civilian Executive Branch (FCEB) agencies to secure affected networks within three weeks under BOD 22-01, with a November 18 deadline.

    Show sources
    Open in new tab