Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA KEV remediation order for CVE-2024-1086

Public Sector Action
First reported
Last updated
Happening score
H score 48
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2024-1086 to the Known Exploited Vulnerabilities (KEV) catalog and ordered federal agencies to secure their systems by June 20, 2024, forcing urgent remediation of an actively exploited Linux kernel flaw. The directive covers a privilege-escalation weakness that can yield root-level access on affected systems. The action raises the urgency for federal defenders because exploitation is already tied to ransomware attacks.

Related Happenings

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

Open Happening

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

CISA KEV listing and FCEB ActiveMQ patch order

Public Sector Action
First: 17.04.2026 12:30 Last: 17.04.2026 12:30 Sources 1

About this happening: **CISA** added **CVE-2026-34197** to the **KEV Catalog** and ordered **FCEB** agencies to patch **Apache ActiveMQ** servers within **two weeks**. The directive sets a hard **April...

Open Happening

CISA adds CVE-2026-33634 to KEV and orders FCEB mitigations

Public Sector Action
First: 13.04.2026 09:50 Last: 13.04.2026 09:50 Sources 1

About this happening: **CISA** added **CVE-2026-33634** to its **Known Exploited Vulnerabilities (KEV) catalog**, requiring **Federal Civilian Executive Branch (FCEB)** agencies to apply mitigations by...

Open Happening

Timeline

  1. 31.10.2025 15:05 2 articles · 6mo ago

    CISA orders federal agencies to secure systems against CVE-2024-1086 by June 20, 2024

    Legal Policy Action Update

    CISA added CVE-2024-1086, a Linux kernel use-after-free flaw in netfilter: nf_tables, to its Known Exploited Vulnerabilities (KEV) catalog in May 2024 and directed federal agencies to secure their systems by June 20, 2024 because the flaw was being used in ransomware attacks.

    Show sources
    Open in new tab
  2. 31.10.2025 15:05 1 articles · 6mo ago

    CISA confirms CVE-2024-1086 is being exploited in ransomware attacks

    Initial Disclosure

    CISA confirmed that CVE-2024-1086, a high-severity Linux kernel privilege-escalation flaw, is now being exploited in ransomware attacks, meaning local attackers can potentially gain root-level access on affected systems.

    Show sources
    Open in new tab