Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA orders FCEB remediation deadlines for KEV vulnerabilities

Public Sector Action
First reported
Last updated
Happening score
H score 53
1 unique sources, 1 articles

Summary

Hide ▲

CISA ordered FCEB agencies to patch SolarWinds Web Help Desk by March 12, 2026 and to fix the other two KEV-listed flaws by March 23, 2026, tightening remediation for vulnerabilities already tied to active exploitation. The directive covers CVE-2021-22054, CVE-2025-26399, and CVE-2026-1603 across Omnissa Workspace One UEM, SolarWinds Web Help Desk, and Ivanti Endpoint Manager. The action matters because the exploited SolarWinds flaw has been linked to reported initial-access activity associated with Warlock ransomware.

Related Happenings

Storm-1175 high-tempo Medusa ransomware campaign

Campaign
First: 07.04.2026 13:02 Last: 07.04.2026 13:02 Sources 1

About this happening: **Storm-1175** is running a **high-tempo Medusa ransomware campaign** that has repeatedly exploited **n-day and zero-day flaws** to gain initial access before patching closes the...

Open Happening

Storm-1175 high-velocity exploit campaign

Campaign
First: 06.04.2026 19:56 Last: 06.04.2026 19:56 Sources 1

About this happening: **Storm-1175** is running a **high-velocity exploit campaign** that rapidly turns access into **Medusa ransomware** deployment, creating risk of **data exfiltration** and encrypte...

Open Happening

FortiClient EMS improper access control flaw (CVE-2026-35616)

Vulnerability
First: 05.04.2026 21:45 Last: 05.04.2026 21:45 Sources 1

About this happening: **CVE-2026-35616** is being **actively exploited** against **FortiClient Enterprise Management Server (EMS)**, putting exposed **7.4.5 and 7.4.6** deployments at risk of remote co...

Open Happening

CISA KEV remediation order for five exploited Apple, Craft CMS, and Laravel Livewire flaws

Advisory/Mitigation
First: 21.03.2026 10:25 Last: 21.03.2026 10:25 Sources 1

About this happening: **CISA** added **five exploited flaws** affecting **Apple**, **Craft CMS**, and **Laravel Livewire** to the **KEV catalog**, creating an urgent remediation requirement for federal...

Open Happening

CISA patch guidance for Zimbra and SharePoint flaws

Advisory/Mitigation
First: 19.03.2026 08:05 Last: 19.03.2026 08:05 Sources 1

About this happening: **CISA** told **FCEB agencies** to patch **two actively exploited vulnerabilities** in **Synacor Zimbra Collaboration Suite (ZCS)** and **Microsoft Office SharePoint**, creating i...

Open Happening

Timeline

  1. 10.03.2026 08:17 2 articles · 2mo ago

    CISA orders FCEB remediation for three KEV flaws

    Legal Policy Action Update

    CISA ordered Federal Civilian Executive Branch agencies to apply the SolarWinds Web Help Desk fix by March 12, 2026 and to remediate the remaining two KEV-listed vulnerabilities by March 23, 2026 after adding CVE-2021-22054, CVE-2025-26399, and CVE-2026-1603 to the Known Exploited Vulnerabilities catalog based on evidence of active exploitation.

    Show sources
    Open in new tab