CISA KEV catalog addition for SonicWall SMA 1000 flaws
Public Sector Action
Summary
Hide ▲
Show ▼
CISA added CVE-2026-15409 and CVE-2026-15410 affecting SonicWall SMA 1000 appliances to the KEV catalog, turning the flaws into a federal remediation priority for FCEB agencies. The directive requires those agencies to apply the fixes by July 17, 2026 after reports of active exploitation. The action escalates the vulnerabilities from vendor disclosure to a mandatory government tracking and remediation item.
Related Happenings
SonicWall SMA1000 SSRF and code injection flaws (multiple vulnerabilities)
Vulnerability
H score48
First: 15.07.2026 00:23
Last: 15.07.2026 00:23
Sources 1
How related:
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.
About this happening:
**SonicWall SMA1000** devices face active exploitation of **CVE-2026-15409** and **CVE-2026-15410**, creating urgent risk for exposed appliances. **CVE-2026-15409** is a **CVSS 10...
SonicWall SMA1000 SSRF and code injection flaws (multiple vulnerabilities)
VulnerabilityHow related: SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.
About this happening: **SonicWall SMA1000** devices face active exploitation of **CVE-2026-15409** and **CVE-2026-15410**, creating urgent risk for exposed appliances. **CVE-2026-15409** is a **CVSS 10...
SonicWall security patch release for CVE-2026-15409
Security Patch Release
H score54
First: 15.07.2026 00:23
Last: 15.07.2026 00:23
Sources 1
How related:
The patches are available in the following versions -
About this happening:
SonicWall released **hotfix security updates** for **SMA1000** appliances after confirming active exploitation of **CVE-2026-15409** and **CVE-2026-15410**. The fixes are availabl...
SonicWall security patch release for CVE-2026-15409
Security Patch ReleaseHow related: The patches are available in the following versions -
About this happening: SonicWall released **hotfix security updates** for **SMA1000** appliances after confirming active exploitation of **CVE-2026-15409** and **CVE-2026-15410**. The fixes are availabl...
CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw
Public Sector Action
H score36
First: 16.06.2026 13:47
Last: 16.06.2026 13:47
Sources 1
About this happening:
**CISA** added the **LiteSpeed cPanel user-end plugin** flaw to **KEV** and ordered **Federal Civilian Executive Branch agencies** to secure systems within **three days** under **...
CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw
Public Sector ActionAbout this happening: **CISA** added the **LiteSpeed cPanel user-end plugin** flaw to **KEV** and ordered **Federal Civilian Executive Branch agencies** to secure systems within **three days** under **...
CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies
Public Sector Action
H score27
First: 10.06.2026 15:00
Last: 10.06.2026 15:00
Sources 1
About this happening:
**CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...
CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies
Public Sector ActionAbout this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...
CISA KEV remediation for Android and Linux vulnerabilities
Advisory/Mitigation
H score57
First: 03.06.2026 18:36
Last: 03.06.2026 18:36
Sources 1
About this happening:
CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...
CISA KEV remediation for Android and Linux vulnerabilities
Advisory/MitigationAbout this happening: CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...
Timeline
-
15.07.2026 08:30 2 articles · 2h ago
CISA adds SonicWall SMA 1000 flaws to the KEV catalog
Legal Policy Action UpdateCISA added CVE-2026-15409 and CVE-2026-15410 to its Known Exploited Vulnerabilities catalog after SonicWall said it was seeing active exploitation of the Secure Mobile Access (SMA) 1000 series appliances. SonicWall urged customers to apply platform-hotfix fixes, review systems for indicators of compromise such as suspicious requests in extraweb_access.log and malformed routes in /var/lib/unit/conf.json, and re-image or redeploy affected appliances if those indicators are present. The catalog action requires Federal Civilian Executive Branch agencies to apply the fixes by July 17, 2026.
Show sources
- Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands — thehackernews.com — 15.07.2026 08:30
- Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands — thehackernews.com — 15.07.2026 08:30