Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA KEV catalog addition for SonicWall SMA 1000 flaws

Public Sector Action
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2026-15409 and CVE-2026-15410 affecting SonicWall SMA 1000 appliances to the KEV catalog, turning the flaws into a federal remediation priority for FCEB agencies. The directive requires those agencies to apply the fixes by July 17, 2026 after reports of active exploitation. The action escalates the vulnerabilities from vendor disclosure to a mandatory government tracking and remediation item.

Related Happenings

SonicWall SMA1000 SSRF and code injection flaws (multiple vulnerabilities)

Vulnerability
H score48 First: 15.07.2026 00:23 Last: 15.07.2026 00:23 Sources 1

How related: SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.

About this happening: **SonicWall SMA1000** devices face active exploitation of **CVE-2026-15409** and **CVE-2026-15410**, creating urgent risk for exposed appliances. **CVE-2026-15409** is a **CVSS 10...

SonicWall security patch release for CVE-2026-15409

Security Patch Release
H score54 First: 15.07.2026 00:23 Last: 15.07.2026 00:23 Sources 1

How related: The patches are available in the following versions -

About this happening: SonicWall released **hotfix security updates** for **SMA1000** appliances after confirming active exploitation of **CVE-2026-15409** and **CVE-2026-15410**. The fixes are availabl...

CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw

Public Sector Action
H score36 First: 16.06.2026 13:47 Last: 16.06.2026 13:47 Sources 1

About this happening: **CISA** added the **LiteSpeed cPanel user-end plugin** flaw to **KEV** and ordered **Federal Civilian Executive Branch agencies** to secure systems within **three days** under **...

CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies

Public Sector Action
H score27 First: 10.06.2026 15:00 Last: 10.06.2026 15:00 Sources 1

About this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...

CISA KEV remediation for Android and Linux vulnerabilities

Advisory/Mitigation
H score57 First: 03.06.2026 18:36 Last: 03.06.2026 18:36 Sources 1

About this happening: CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...

Timeline

  1. 15.07.2026 08:30 2 articles · 2h ago

    CISA adds SonicWall SMA 1000 flaws to the KEV catalog

    Legal Policy Action Update

    CISA added CVE-2026-15409 and CVE-2026-15410 to its Known Exploited Vulnerabilities catalog after SonicWall said it was seeing active exploitation of the Secure Mobile Access (SMA) 1000 series appliances. SonicWall urged customers to apply platform-hotfix fixes, review systems for indicators of compromise such as suspicious requests in extraweb_access.log and malformed routes in /var/lib/unit/conf.json, and re-image or redeploy affected appliances if those indicators are present. The catalog action requires Federal Civilian Executive Branch agencies to apply the fixes by July 17, 2026.

    Show sources