-
CISA adds two known exploited vulnerabilities to its catalog
CISA has added two new vulnerabilities to its Catalog of Known Exploited Vulnerabilities (KEV), based on evidence of active exploitation. CVE-2025-49113 RoundCube Webmail Deserialization Untrusted Data Vulnerability CVE-2025-68461 Cross-site scripting…
-
Vulnerability in Dell RecoverPoint for Virtual Machines could allow arbitrary code execution
MS-ISAC NOTICE NUMBER: 2026-015 ISSUE DATE(S): 02/18/2026 PREVIEW: A vulnerability has been discovered in Dell RecoverPoint for Virtual Machines that could allow arbitrary code execution. Dell RecoverPoint for Virtual Machines…
-
Multiple vulnerabilities in Ivanti Endpoint Manager Mobile could allow remote code execution
MS-ISAC NOTICE NUMBER: 2026-009 ISSUE DATE(S): 01/30/2026 PREVIEW: Several vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile that could allow remote code execution. Ivanti Endpoint Manager Mobile is a…
-
A vulnerability in the WatchGuard Fireware operating system could allow arbitrary code execution.
MS-ISAC NOTICE NUMBER: 2025-118 ISSUE DATE(S): 12/23/2025 PREVIEW: A vulnerability has been discovered in WatchGuard Fireware OS that could allow unauthenticated arbitrary code execution. WatchGuard Fireware is the proprietary operating…
-
Vulnerability in Cisco AsyncOS Could Allow Remote Code Execution
We recommend that the following actions be taken: * Once available, apply appropriate Cisco-provided workarounds to vulnerable systems immediately after appropriate testing. (M1051: software update) o Backup 7.1: Establish and…
-
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet Primary Mitigations to Reduce…
-
Vulnerability in SonicOS could allow denial of service (DoS)
MS-ISAC NOTICE NUMBER: 2025-110 ISSUE DATE(S): 11/24/2025 PREVIEW: A vulnerability has been discovered in SonicOS, which could allow a denial of service (DoS). SonicOS is the operating system that runs…
-
Several vulnerabilities in Google Chrome could allow arbitrary code execution
MS-ISAC NOTICE NUMBER: 2025-109 ISSUE DATE(S): 11/24/2025 PREVIEW: Several vulnerabilities have been discovered in Google Chrome, the most serious of which could allow the execution of arbitrary code. Successful exploitation…
-
Vulnerability in FortiWeb could allow remote code execution
MS-ISAC NOTICE NUMBER: 2025-107 ISSUE DATE(S): 14/11/2025 PREVIEW: A vulnerability has been discovered in FortiWeb, which could allow remote code execution. FortiWeb is a web application firewall (WAF) developed by…
