Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

CISA BOD 26-04 three-day remediation directive

Public Sector Action
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

CISA's BOD 26-04 requires federal agencies to apply available security updates or vendor-recommended mitigations within three days, accelerating remediation for actively exploited flaws. The directive increases pressure on agencies to reduce exposure across affected systems before attackers can expand access.

Related Happenings

CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw

Public Sector Action
H score36 First: 16.06.2026 13:47 Last: 16.06.2026 13:47 Sources 1

About this happening: **CISA** added the **LiteSpeed cPanel user-end plugin** flaw to **KEV** and ordered **Federal Civilian Executive Branch agencies** to secure systems within **three days** under **...

Open Happening

CISA BOD 26-04 remediation requirements

Advisory/Mitigation
H score31 First: 11.06.2026 15:46 Last: 11.06.2026 15:46 Sources 1

About this happening: CISA’s **Binding Operational Directive 26-04** forces **FCEB agencies** to speed up remediation of high-risk vulnerabilities, with some deadlines as short as **3 days** and new **...

Open Happening

CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies

Public Sector Action
H score27 First: 10.06.2026 15:00 Last: 10.06.2026 15:00 Sources 1

About this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...

Open Happening

CISA KEV remediation for Android and Linux vulnerabilities

Advisory/Mitigation
H score57 First: 03.06.2026 18:36 Last: 03.06.2026 18:36 Sources 1

About this happening: CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...

Open Happening

CERT-In 12-hour KEV remediation guidance

Advisory/Mitigation
H score39 First: 26.05.2026 13:30 Last: 26.05.2026 13:30 Sources 1

About this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...

Open Happening

Timeline

  1. 24.06.2026 17:35 2 articles · 3h ago

    CISA orders federal agencies to remediate actively exploited Ubiquiti and Lantronix flaws in three days

    Legal Policy Action Update

    CISA says hackers are actively exploiting flaws in Ubiquiti UniFi OS and Lantronix EDS5000 serial-to-ethernet servers, and BOD 26-04 gives federal agencies three days to apply available security updates or vendor-recommended mitigations for CVE-2026-34908, CVE-2026-34909, CVE-2026-34910, and CVE-2025-67038.

    Show sources
    Open in new tab