Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA adds ScreenConnect and Windows flaws to KEV

Public Sector Action
First reported
Last updated
Happening score
H score 35
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2024-1708 and CVE-2026-32202 to the KEV catalog, elevating the flaws to a federal remediation priority because they are being actively exploited. The update covers ConnectWise ScreenConnect and Microsoft Windows Shell, two products with risks that include remote code execution and network spoofing. FCEB agencies must apply the required fixes by May 12, 2026, making the move immediately actionable for federal defenders.

Related Happenings

Pwn2Own Berlin 2026 multi-product zero-days privilege-escalation flaw

Vulnerability
H score40 First: 14.05.2026 21:53 Last: 14.05.2026 21:53 Sources 1

About this happening: **Pwn2Own Berlin 2026** opened with **24 unique zero-days** demonstrated against **fully patched products**, creating immediate exposure across browser, OS, virtualization, enterp...

Microsoft May 2026 Patch Tuesday release

Security Patch Release
H score44 First: 13.05.2026 13:36 Last: 13.05.2026 13:36 Sources 1

About this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...

Latest development: 01.06.2026 15:30

Belgium's Centre for Cybersecurity warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild after Microsoft patched the stack-based buffer overflow during the May 2026 Patch Tuesday. The flaw affects all currently supported Windows Server versions, including Windows Server 2025, and can let an unauthenticated attacker gain remote code execution on targeted domain controllers.

Microsoft Windows 11 mandatory Patch Tuesday updates (KB5089549, KB5087420)

Security Patch Release
H score26 First: 12.05.2026 21:09 Last: 12.05.2026 21:09 Sources 1

About this happening: Microsoft released **mandatory Windows 11 cumulative updates** for **KB5089549** and **KB5087420**, delivering the **May 2026 Patch Tuesday** fixes for **120 vulnerabilities** acr...

Microsoft May 2026 Patch Tuesday (120 flaws)

Security Patch Release
H score31 First: 12.05.2026 21:08 Last: 12.05.2026 21:08 Sources 1

About this happening: **Microsoft** released its **May 2026 Patch Tuesday** updates, fixing **120 flaws** and disclosing **no zero-days**. The bundle includes **17 Critical** vulnerabilities, with mult...

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
H score33 First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Timeline

  1. 29.04.2026 11:46 2 articles · 2mo ago

    CISA adds ScreenConnect and Windows flaws to KEV

    Initial Disclosure

    On **Tuesday**, CISA moved **CVE-2024-1708** and **CVE-2026-32202** into the **KEV catalog**, starting a **May 12, 2026** remediation clock for **FCEB agencies**.

    Show sources