CISA KEV remediation order for five exploited Apple, Craft CMS, and Laravel Livewire flaws

Advisory/Mitigation
Happening score: 57
1 unique source, 1 article

Summary

CISA added five exploited flaws affecting Apple, Craft CMS, and Laravel Livewire to the KEV catalog, creating an urgent remediation requirement for federal agencies. The agency directed affected organizations to patch by April 3, 2026 because the weaknesses are already known to be under exploitation. The covered issues include flaws in Apple WebKit, Apple kernel components, Craft CMS, and Laravel Livewire.

Related Happenings

CISA KEV listing and FCEB ActiveMQ patch order

Public Sector Action
First: 17.04.2026 12:30 Last: 17.04.2026 12:30 Sources 1

About this happening: **CISA** added **CVE-2026-34197** to the **KEV Catalog** and ordered **FCEB** agencies to patch **Apache ActiveMQ** servers within **two weeks**. The directive sets a hard **April...

NIST CVE/NVD prioritization shift

Public Sector Action
First: 17.04.2026 00:47 Last: 17.04.2026 00:47 Sources 1

About this happening: **NIST** is **changing** its **CVE/NVD prioritization** so that, starting **April 15, 2026**, it will provide full details only for a **subset of CVEs**. The shift matters because...

NIST/NVD risk-based CVE enrichment change

Public Sector Action
First: 16.04.2026 15:43 Last: 16.04.2026 15:43 Sources 1

About this happening: **NIST** said the **US National Vulnerability Database (NVD)** will switch to a **risk-based CVE enrichment** model to cope with backlog growth. The change will **drop enrichment...

CISA KEV remediation lag is widening as exploit timelines shrink

Target Trend
First: 10.04.2026 17:01 Last: 10.04.2026 17:01 Sources 1

About this happening: **CISA KEV** remediation lag is widening across **10,000 organizations**, leaving enterprise exposures open longer than attackers need to weaponize them. Critical vulnerabilities...

CISA BOD 22-01 order for FCEB iOS patching

Public Sector Action
First: 23.03.2026 10:37 Last: 23.03.2026 10:37 Sources 1

About this happening: **CISA** ordered **FCEB agencies** to secure devices against **DarkSword-linked iOS flaws**, tightening federal exposure to attacks that enabled **sandbox escape** and **remote co...

Timeline

  1. 21.03.2026 10:25 2 articles · 2mo ago

    CISA adds five exploited flaws to KEV catalog

    Legal Policy Action Update

    CISA added CVE-2025-31277, CVE-2025-43510, CVE-2025-43520, CVE-2025-32432, and CVE-2025-54068 to the Known Exploited Vulnerabilities (KEV) catalog for Apple WebKit, Apple kernel components, Craft CMS, and Laravel Livewire, and directed federal agencies to patch the flaws by April 3, 2026.