CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
https://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.html
Publish Date: 2026-04-21 02:23:00
Source Domain: thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation.
The list of vulnerabilities is as follows –
- CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut NG/MF that could allow an attacker to bypass authentication on affected installations via the SecurityRequestFilter class.
- CVE-2024-27199 (CVSS score: 7.3) – A relative path traversal vulnerability in JetBrains TeamCity that could allow an attacker to perform limited admin actions.
- CVE-2025-2749 (CVSS score: 7.2) – A path traversal vulnerability in Kentico Xperience that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path-relative locations.
- CVE-2025-32975 (CVSS score: 10.0) – An improper authentication vulnerability in Quest KACE Systems Management Appliance (SMA) that could allow an attacker to impersonate legitimate users without valid credentials.
- CVE-2025-48700 (CVSS score: 6.1) – A cross-site scripting vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow an attacker to execute arbitrary JavaScript within the user’s session, resulting in unauthorized access to sensitive information.
- CVE-2026-20122 (CVSS score: 5.4) – An incorrect use of privileged APIs vulnerability in Cisco Catalyst SD-WAN Manager that could allow an attacker to upload and overwrite arbitrary files on the affected system and gain vmanage user privileges.
- CVE-2026-20128 (CVSS score: 7.5) – A vulnerability in Cisco Catalyst SD-WAN Manager involving storage of passwords in a recoverable format that could allow an authenticated, local attacker to gain DCA user privileges by accessing the DCA user's credential file on the filesystem as a low-privileged user.
- CVE-2026-20133 (CVSS…
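The defender's side of a KEV addition is checking which of the listed products are actually deployed and how many days remain before CISA's remediation due date. The script below is an added example, not code from the article or from CISA; it assumes the field names of the public KEV JSON feed (cveID, vendorProject, product, dueDate) and uses a constructed feed excerpt, constructed placeholder due dates (the article gives only an April-May 2026 window) and a constructed asset inventory.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV JSON feed. Field names follow the
# public feed schema (assumption); dueDate values are placeholders, not the real dates.
SAMPLE_KEV_JSON = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2023-27351", "vendorProject": "PaperCut", "product": "NG/MF",
         "dateAdded": "2026-04-20", "dueDate": "2026-05-11"},
        {"cveID": "CVE-2026-20122", "vendorProject": "Cisco",
         "product": "Catalyst SD-WAN Manager",
         "dateAdded": "2026-04-20", "dueDate": "2026-04-27"},
        {"cveID": "CVE-2025-32975", "vendorProject": "Quest",
         "product": "KACE Systems Management Appliance",
         "dateAdded": "2026-04-20", "dueDate": "2026-05-11"},
    ]
})

# Constructed asset inventory: (vendor, product) as named in the feed -> owning team.
INVENTORY = {
    ("Cisco", "Catalyst SD-WAN Manager"): "network-team",
    ("PaperCut", "NG/MF"): "print-services",
}


def triage_kev(feed_json: str, inventory: dict, today_iso: str) -> list[dict]:
    """Return KEV entries for deployed products, most urgent due date first."""
    today = date.fromisoformat(today_iso)
    hits = []
    for v in json.loads(feed_json)["vulnerabilities"]:
        key = (v["vendorProject"], v["product"])
        if key not in inventory:
            continue  # product not deployed here; nothing to remediate
        due = date.fromisoformat(v["dueDate"])
        hits.append({
            "cve": v["cveID"],
            "owner": inventory[key],
            "due": v["dueDate"],
            "days_left": (due - today).days,
            "overdue": due < today,
        })
    hits.sort(key=lambda h: h["days_left"])
    return hits


if __name__ == "__main__":
    for hit in triage_kev(SAMPLE_KEV_JSON, INVENTORY, "2026-04-21"):
        print(hit)
```

Pointing the script at the live feed instead of the constructed excerpt is a matter of replacing SAMPLE_KEV_JSON with the downloaded JSON; the matching logic stays the same.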