{"id":251501,"date":"2026-05-21T11:41:00","date_gmt":"2026-05-21T15:41:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/21\/cisa-asks-cybersecurity-community-to-alert-it-to-vulnerability-exploitation\/"},"modified":"2026-05-21T11:50:10","modified_gmt":"2026-05-21T15:50:10","slug":"cisa-asks-cybersecurity-community-to-alert-it-to-vulnerability-exploitation","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/21\/cisa-asks-cybersecurity-community-to-alert-it-to-vulnerability-exploitation\/","title":{"rendered":"CISA asks cybersecurity community to alert it to vulnerability exploitation"},"content":{"rendered":"<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/cisa-cve-vulnerability-exploitation-nominations\/820870\/\">CISA asks cybersecurity community to alert it to vulnerability exploitation<\/a><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/cisa-cve-vulnerability-exploitation-nominations\/820870\/\">https:\/\/www.cybersecuritydive.com\/news\/cisa-cve-vulnerability-exploitation-nominations\/820870\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-21 11:41:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.cybersecuritydive.com\">www.cybersecuritydive.com<\/a><\/p>\n<p><span><span><span><span><span><span>The Cybersecurity and Infrastructure Security Agency is now letting security experts nominate vulnerabilities to the agency\u2019s Known Exploited Vulnerabilities catalog.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>CISA on Thursday <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>published a form<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> that technology vendors, independent researchers and anyone else can use to warn CISA that hackers are exploiting a vulnerability and it should be added to the KEV.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>\u201cThis new reporting capability enhances CISA\u2019s ability to identify, validate, and quickly share critical threat information,\u201d Chris Butera, CISA\u2019s acting executive assistant director for cybersecurity, said in a statement. \u201cEarly detection and coordinated vulnerability disclosure are among the most powerful tools we have to reduce risk at scale.\u201d<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>The form asks submitters to provide as much information as possible about a vulnerability, including its CVE number, evidence of exploitation and mitigation guidance. The form also asks whether the vulnerability affects multiple vendors or products.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>CISA has struggled in the past to keep the KEV up to date. In 2023, several examples of <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>CISA belatedly warning of exploitation<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> prompted one expert to call it \u201ca trailing indicator\u201d of hacking activity.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<h3 class=\"standard-heading\"><span><span><span><strong><span><span>Fast-growing catalog<\/span><\/span><\/strong><\/span><\/span><\/span><\/h3>\n<p><span><span><span><span><span><span>CISA has steadily been expanding the KEV since its launch in November 2021 alongside a requirement that agencies patch newly listed flaws within short time windows. As of Thursday morning, <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>the catalog listed<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> roughly 1,600 vulnerabilities. CISA has updated the KEV six times in the past two weeks, including <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>listing seven new vulnerabilities<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> on Thursday.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>The growth of the catalog comes as another agency struggles to keep up with a flood of newly disclosed flaws. The National Institute of Standards and Technology has spent decades enriching its own vulnerability database with detailed exploitation and mitigation information, but <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>NIST recently announced<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> that it would have to scale back that enrichment work and prioritize only&#8230;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/cisa-cve-vulnerability-exploitation-nominations\/820870\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA asks cybersecurity community to alert it to vulnerability exploitation https:\/\/www.cybersecuritydive.com\/news\/cisa-cve-vulnerability-exploitation-nominations\/820870\/ Publish Date: 2026-05-21 11:41:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":251503,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/KaUPWOP9EUOw32dZjDO7PH2eerJzbsxu8hxNDPk0xD8\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9DSVNBX2hlYWRlci5qcGc=.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[90,57,27],"class_list":["post-251501","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cve","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/251501"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=251501"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/251501\/revisions"}],"predecessor-version":[{"id":251505,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/251501\/revisions\/251505"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/251503"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=251501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=251501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=251501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}