CISA KEV directive for CVE-2026-20133
Public Sector Action
Summary
Hide ▲
Show ▼
On Monday, April 21, 2026, CISA added CVE-2026-20133 to the KEV Catalog and ordered FCEB agencies to secure their networks by Friday, April 24. The directive matters because CISA said the flaw was being used in active exploitation against Cisco Catalyst SD-WAN Manager. CISA also pointed agencies to Emergency Directive 26-03 and related hardening guidance if mitigations were needed.
Related Happenings
CISA revises CIRCIA town hall schedule
Public Sector Action
First: 26.05.2026 15:00
Last: 26.05.2026 15:00
Sources 1
About this happening:
CISA **revised the schedule** for **virtual town halls** on the **CIRCIA rulemaking**, reopening stakeholder engagement on a cybersecurity reporting rule that will affect **critic...
CISA revises CIRCIA town hall schedule
Public Sector ActionAbout this happening: CISA **revised the schedule** for **virtual town halls** on the **CIRCIA rulemaking**, reopening stakeholder engagement on a cybersecurity reporting rule that will affect **critic...
CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
First: 26.05.2026 11:46
Last: 26.05.2026 11:46
Sources 1
About this happening:
**CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
CISA orders FCEB patching for CVE-2026-9082
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
Congress demands CISA answers on GitHub credential leak
Public Sector Action
First: 22.05.2026 19:34
Last: 22.05.2026 19:34
Sources 1
About this happening:
**Lawmakers in both houses of Congress** demanded answers from **CISA** after a contractor exposed **AWS GovCloud keys** and other secrets on **public GitHub**. The letters presse...
Congress demands CISA answers on GitHub credential leak
Public Sector ActionAbout this happening: **Lawmakers in both houses of Congress** demanded answers from **CISA** after a contractor exposed **AWS GovCloud keys** and other secrets on **public GitHub**. The letters presse...
CISA launches KEV Nomination Form
Public Sector Action
First: 21.05.2026 15:00
Last: 21.05.2026 15:00
Sources 1
About this happening:
CISA launched a **new Nomination Form** for the **KEV catalog**, giving **researchers, vendors, and industry partners** a direct way to report **known exploited vulnerabilities**....
CISA launches KEV Nomination Form
Public Sector ActionAbout this happening: CISA launched a **new Nomination Form** for the **KEV catalog**, giving **researchers, vendors, and industry partners** a direct way to report **known exploited vulnerabilities**....
CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182
Public Sector Action
First: 15.05.2026 08:28
Last: 15.05.2026 08:28
Sources 1
About this happening:
**CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...
CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...
Timeline
-
21.04.2026 15:30 2 articles · 1mo ago
CISA KEV directive for CVE-2026-20133
Initial Disclosure**CISA** moved **CVE-2026-20133** into the **KEV Catalog** and set a **Friday, April 24** deadline for **FCEB agencies** to secure their networks. The order was issued after CISA cited evidence of **active exploitation**.
Show sources
- CISA flags new SD-WAN flaw as actively exploited in attacks — www.bleepingcomputer.com — 21.04.2026 15:30
- CISA flags new SD-WAN flaw as actively exploited in attacks — www.bleepingcomputer.com — 21.04.2026 15:30