CISA has added [CVE-2026-25089](https://hellorecon.com/blog/cve-2026-25089) to its Known Exploited Vulnerabilities catalog — meaning there is confirmed, active exploitation in the wild. The flaw is an