CISA has added **CVE-2026-58644**, a critical remote code execution zero-day in Microsoft SharePoint Server, to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/07/ci
CISA has added [CVE-2026-25089](https://hellorecon.com/blog/cve-2026-25089) to its Known Exploited Vulnerabilities catalog — meaning there is confirmed, active exploitation in the wild. The flaw is an
CISA has added two maximum-severity vulnerabilities in popular Joomla extensions to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/07/icagenda-and-balbooa-forms-joo
CISA added [CVE-2026-45659](https://thehackernews.com/2026/07/sharepoint-rce-cve-2026-45659-added-to.html) to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday — a high-severity remote co
The U.S. Cybersecurity and Infrastructure Security Agency has added a maximum-severity remote code execution flaw in the Widget Factory **Joomla Content Editor (JCE)** plugin to its [Known Exploited V
CISA has added **CVE-2026-42271** in [BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog](https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html), confirming active e
CISA has added **CVE-2026-45247** to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html), confirming active in-the-wild exp