Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA orders FCEB remediation deadlines for KEV vulnerabilities

Public Sector Action
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

CISA ordered FCEB agencies to patch SolarWinds Web Help Desk by March 12, 2026 and to fix the other two KEV-listed flaws by March 23, 2026, tightening remediation for vulnerabilities already tied to active exploitation. The directive covers CVE-2021-22054, CVE-2025-26399, and CVE-2026-1603 across Omnissa Workspace One UEM, SolarWinds Web Help Desk, and Ivanti Endpoint Manager. The action matters because the exploited SolarWinds flaw has been linked to reported initial-access activity associated with Warlock ransomware.

Related Happenings

SolarWinds Serv-U advisory and mitigations for CVE-2026-28318

Advisory/Mitigation
H score52 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...

CISA KEV order for SolarWinds Serv-U CVE-2026-28318

Public Sector Action
H score50 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **CISA** added **CVE-2026-28318** affecting **SolarWinds Serv-U** to the **KEV catalog** and ordered **FCEB agencies** to remediate it by **June 19, 2026**. The directive expands...

SolarWinds Serv-U denial-of-service flaw actively exploited (CVE-2026-28318)

Vulnerability
H score73 First: 05.06.2026 22:15 Last: 05.06.2026 22:15 Sources 1

About this happening: **CISA** added **CVE-2026-28318** affecting **SolarWinds Serv-U** to the **Known Exploited Vulnerabilities (KEV) catalog** after evidence of **active exploitation**. The **high-se...

SolarWinds security patch release for CVE-2026-28318

Security Patch Release
H score82 First: 05.06.2026 22:15 Last: 05.06.2026 22:15 Sources 1

About this happening: SolarWinds released **Serv-U 15.5.4 Hotfix 1** for **CVE-2026-28318**, an **actively exploited** denial-of-service flaw that can crash exposed **Serv-U** servers. The update fixes...

Storm-1175 high-tempo Medusa ransomware campaign

Campaign
H score59 First: 07.04.2026 13:02 Last: 07.04.2026 13:02 Sources 1

About this happening: **Storm-1175** is running a **high-tempo Medusa ransomware campaign** that has repeatedly exploited **n-day and zero-day flaws** to gain initial access before patching closes the...

Timeline

  1. 10.03.2026 08:17 2 articles · 4mo ago

    CISA orders FCEB remediation for three KEV flaws

    Legal Policy Action Update

    CISA ordered Federal Civilian Executive Branch agencies to apply the SolarWinds Web Help Desk fix by March 12, 2026 and to remediate the remaining two KEV-listed vulnerabilities by March 23, 2026 after adding CVE-2021-22054, CVE-2025-26399, and CVE-2026-1603 to the Known Exploited Vulnerabilities catalog based on evidence of active exploitation.

    Show sources