Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (Cyborg)
  • No Skin
Collapse
Brand Logo

CIRCLE WITH A DOT
  1. Home
  2. Uncategorized
  3. 🚨 [CISA-2026:0320] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0320)

🚨 [CISA-2026:0320] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0320)

Scheduled Pinned Locked Moved Uncategorized
secdbinfoseccvecisakevcisa20260320
1 Posts 1 Posters 0 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • secdb@infosec.exchangeS This user is from outside of this forum
    secdb@infosec.exchangeS This user is from outside of this forum
    secdb@infosec.exchange
    wrote last edited by
    #1

    🚨 [CISA-2026:0320] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0320)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-31277 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-31277)
    - Name: Apple Multiple Products Buffer Overflow Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Apple
    - Product: Multiple Products
    - Notes: https://support.apple.com/en-us/124147 ; https://support.apple.com/en-us/124149 ; https://support.apple.com/en-us/124152 ; https://support.apple.com/en-us/124153 ; https://support.apple.com/en-us/124155 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31277

    ⚠️ CVE-2025-32432 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-32432)
    - Name: Craft CMS Code Injection Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Craft CMS
    - Product: Craft CMS
    - Notes: https://craftcms.com/knowledge-base/craft-cms-cve-2025-32432 ; https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32432

    ⚠️ CVE-2025-43510 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-43510)
    - Name: Apple Multiple Products Improper Locking Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Apple
    - Product: Multiple Products
    - Notes: https://support.apple.com/en-us/125632 ; https://support.apple.com/en-us/125633 ; https://support.apple.com/en-us/125634 ; https://support.apple.com/en-us/125635 ; https://support.apple.com/en-us/125636 ; https://support.apple.com/en-us/125637 ; https://support.apple.com/en-us/125638 ; https://support.apple.com/en-us/125639 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43510

    ⚠️ CVE-2025-43520 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-43520)
    - Name: Apple Multiple Products Classic Buffer Overflow Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Apple
    - Product: Multiple Products
    - Notes: https://support.apple.com/en-us/125632 ; https://support.apple.com/en-us/125633 ; https://support.apple.com/en-us/125634 ; https://support.apple.com/en-us/125635 ; https://support.apple.com/en-us/125636 ; https://support.apple.com/en-us/125637 ; https://support.apple.com/en-us/125638 ; https://support.apple.com/en-us/125639 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43520

    ⚠️ CVE-2025-54068 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-54068)
    - Name: Laravel Livewire Code Injection Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Laravel
    - Product: Livewire
    - Notes: https://github.com/livewire/livewire/security/advisories/GHSA-29cq-5w36-x7w3 ; https://github.com/livewire/livewire/commit/ef04be759da41b14d2d129e670533180a44987dc ; https://nvd.nist.gov/vuln/detail/CVE-2025-54068

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260320 #cisa20260320 #cve_2025_31277 #cve_2025_32432 #cve_2025_43510 #cve_2025_43520 #cve_2025_54068 #cve202531277 #cve202532432 #cve202543510 #cve202543520 #cve202554068

    1 Reply Last reply
    1
    0
    • R relay@relay.infosec.exchange shared this topic
    Reply
    • Reply as topic
    Log in to reply
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes

    • Login
    • Login or register to search.
    • First post
      Last post
    0
    • Categories
    • Recent
    • Tags
    • Popular
    • World
    • Users
    • Groups