
CISA Adds Eight Exploited Vulnerabilities to KEV Catalog
CybersecurityVulnerabilitiesExploitationCompliance
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on Monday, including three flaws affecting Cisco Catalyst SD-WAN Manager, due to evidence of active exploitation. Among the listed vulnerabilities is CVE-2023-27351, an improper authentication flaw in PaperCut with a CVSS score of 8.2. CISA set federal compliance deadlines for remediation between April and May 2026. The update reflects ongoing threats targeting these vulnerabilities in real-world attacks. No additional technical details or affected versions were specified beyond the CVE identifiers and CVSS scores.