Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA KEV directive for CVE-2026-20133

Public Sector Action
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

On Monday, April 21, 2026, CISA added CVE-2026-20133 to the KEV Catalog and ordered FCEB agencies to secure their networks by Friday, April 24. The directive matters because CISA said the flaw was being used in active exploitation against Cisco Catalyst SD-WAN Manager. CISA also pointed agencies to Emergency Directive 26-03 and related hardening guidance if mitigations were needed.

Related Happenings

CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server

Public Sector Action
H score35 First: 26.06.2026 22:43 Last: 26.06.2026 22:43 Sources 1

About this happening: CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...

Cisco Catalyst SD-WAN unauthorized peering and SSH access campaign

Campaign
H score38 First: 25.06.2026 17:15 Last: 25.06.2026 17:15 Sources 1

About this happening: An active **campaign** used **unauthorized peering connections** and **SSH access** to maintain footholds inside a **service provider's Cisco Catalyst SD-WAN** environment, increa...

CISA zero-trust SASE guidance for TIC 3.0

Public Sector Action
H score30 First: 25.06.2026 14:30 Last: 25.06.2026 14:30 Sources 1

About this happening: CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...

CISA BOD 26-04 three-day remediation directive

Public Sector Action
H score36 First: 24.06.2026 17:35 Last: 24.06.2026 17:35 Sources 1

About this happening: CISA's **BOD 26-04** requires **federal agencies** to apply available security updates or vendor-recommended mitigations within **three days**, accelerating remediation for **acti...

CISA warning on FortiBleed for FortiGate customers

Public Sector Action
H score89 First: 19.06.2026 17:00 Last: 19.06.2026 17:00 Sources 1

About this happening: **CISA** warned **Fortinet** customers with **FortiGate appliances** to secure exposed systems against ongoing malicious activity tied to **FortiBleed**. The activity had reached...

Timeline

  1. 21.04.2026 15:30 2 articles · 2mo ago

    CISA KEV directive for CVE-2026-20133

    Initial Disclosure

    **CISA** moved **CVE-2026-20133** into the **KEV Catalog** and set a **Friday, April 24** deadline for **FCEB agencies** to secure their networks. The order was issued after CISA cited evidence of **active exploitation**.

    Show sources