CISA KEV mandate for CVE-2025-62221
Public Sector Action
Summary
CISA added CVE-2025-62221 to the KEV catalog, forcing Federal Civilian Executive Branch (FCEB) agencies to patch by December 30, 2025 because the flaw is actively exploited in the wild. The action turns a vendor patch into a mandatory federal remediation deadline for a known exploited Windows issue.
Related Happenings
Windows cldflt.sys MiniPlasma privilege escalation zero-day privilege-escalation flaw
Vulnerability
First: 18.05.2026 07:59
Last: 18.05.2026 07:59
Sources 1
How related:
The vulnerability that has come under active exploitation is CVE-2025-62221 (CVSS score: 7.8), a use-after-free in Windows Cloud Files Mini Filter Driver that could allow an authorized attacker to elevate privileges locally and obtain SYSTEM permissions.
About this happening:
**MiniPlasma** is a **Windows privilege-escalation zero-day** in **cldflt.sys** that can give attackers **SYSTEM** privileges on **fully patched Windows systems**. The flaw affect...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
First: 03.05.2026 09:26
Last: 03.05.2026 09:26
Sources 1
About this happening:
CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
CISA KEV listing and FCEB ActiveMQ patch order
Public Sector Action
First: 17.04.2026 12:30
Last: 17.04.2026 12:30
Sources 1
About this happening:
**CISA** added **CVE-2026-34197** to the **KEV Catalog** and ordered **FCEB** agencies to patch **Apache ActiveMQ** servers within **two weeks**. The directive sets a hard **April...
CISA KEV listing and FCEB patch order for Ivanti EPMM
Public Sector Action
First: 08.04.2026 21:15
Last: 08.04.2026 21:15
Sources 1
About this happening:
**CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...
CISA KEV listing and FCEB patch order for CVE-2026-35616
Public Sector Action
First: 06.04.2026 19:02
Last: 06.04.2026 19:02
Sources 1
About this happening:
**CISA** added **CVE-2026-35616** to the **KEV Catalog** and ordered **FCEB agencies** to patch **FortiClient EMS** by **Thursday midnight, April 9**. The mandate matters because...
Timeline
- 10.12.2025 10:50 · 2 articles · 5mo ago
CISA adds CVE-2025-62221 to KEV catalog and orders federal patching
Legal Policy Action Update
CISA added CVE-2025-62221, a use-after-free in the Windows Cloud Files Mini Filter Driver that is being actively exploited in the wild, to the Known Exploited Vulnerabilities (KEV) catalog and required Federal Civilian Executive Branch (FCEB) agencies to apply the patch by December 30, 2025.
- Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days — thehackernews.com — 10.12.2025 10:50