- The U.S. cybersecurity agency has flagged eight new software flaws being actively exploited by attackers.
- Three of the vulnerabilities impact Cisco Catalyst SD-WAN Manager, with federal agencies given a critical deadline to patch.
- Several critical flaws, including one with a maximum CVSS score of 10.0 in a Quest KACE appliance, are part of the urgent warning.
- The catalog now includes older threats like a PaperCut bug tied to ransomware groups and newly observed exploits against JetBrains and Synacor software.
On April 21, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urgently added eight dangerous security vulnerabilities to its public catalog, citing clear evidence of active in-the-wild exploitation. Three of the critical flaws specifically target Cisco Catalyst SD-WAN Manager, a crucial networking component for many organizations.
Consequently, federal agencies have been ordered to patch the Cisco issues by April 23. They must address the remaining five vulnerabilities in the Known Exploited Vulnerabilities (KEV) catalog by May 4, 2026.
The list includes severe bugs like CVE-2025-32975, a perfect 10.0-scored flaw in Quest KACE Systems Management Appliance that allows complete user impersonation. Meanwhile, CVE-2024-27199 in JetBrains TeamCity and a cross-site scripting bug in Synacor Zimbra Collaboration Suite also pose significant risks.
However, older threats remain potent, as a 2023 PaperCut flaw (CVE-2023-27351) was previously used by the Lace Tempest group to deploy ransomware. Similarly, Cisco confirmed the active exploitation of two SD-WAN Manager bugs in March 2026, according to its security advisory.
Security firm Arctic Wolf recently observed attacks leveraging the Quest KACE vulnerability as well. This coordinated action by CISA underscores the persistent and widespread threat from unpatched enterprise software.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
