Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA adds CVE-2025-21042 to KEV catalog

Public Sector Action
First reported
Last updated
Happening score
H score 58
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2025-21042 to the KEV catalog, triggering a formal federal response to a Samsung zero-day that had been reported as actively abused in spyware operations. The directive orders US federal agencies to apply vendor mitigations, follow BOD 22-01 cloud guidance, or discontinue use if mitigations are unavailable. Agencies must comply by December 1, and the flaw is an out-of-bounds write bug with a 9.8 CVSS score that Samsung patched in April.

Cases

Samsung image library flaw used to deliver LANDFALL spyware (5)

Related Happenings

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

Open Happening

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

CISA KEV listing and FCEB patch order for Ivanti EPMM

Public Sector Action
First: 08.04.2026 21:15 Last: 08.04.2026 21:15 Sources 1

About this happening: **CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...

Open Happening

CISA KEV listing and FCEB patch order for CVE-2026-35616

Public Sector Action
First: 06.04.2026 19:02 Last: 06.04.2026 19:02 Sources 1

About this happening: **CISA** added **CVE-2026-35616** to the **KEV Catalog** and ordered **FCEB agencies** to patch **FortiClient EMS** by **Thursday midnight, April 9**. The mandate matters because...

Open Happening

Timeline

  1. 11.11.2025 12:30 2 articles · 6mo ago

    CISA adds CVE-2025-21042 to KEV catalog

    Legal Policy Action Update

    CISA added CVE-2025-21042, an out-of-bounds write flaw with a CVSS score of 9.8, to the Known Exploited Vulnerabilities catalog and told US federal agencies to apply vendor mitigations, follow BOD 22-01 cloud guidance, or discontinue use of the product if mitigations are unavailable.

    Show sources
    Open in new tab
  2. 11.11.2025 12:30 1 articles · 6mo ago

    Public disclosure links CVE-2025-21042 to LandFall spyware

    Initial Disclosure

    Public reporting describes a spyware campaign against Samsung devices in which LandFall was embedded in malicious DNG image files sent through WhatsApp to targets in the Middle East, with possible zero-click remote code execution and surveillance capabilities including microphone recording, location tracking, and collection of photos, contacts, and call logs.

    Show sources
    Open in new tab
  3. 11.11.2025 12:30 1 articles · 6mo ago

    Federal agencies face December 1 remediation deadline

    Legal Policy Action Update

    US federal agencies must meet the December 1 deadline to apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable for CVE-2025-21042.

    Show sources
    Open in new tab