CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA Warning: Four New Active Threats

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four high-risk security flaws to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities are being actively weaponized by threat actors globally. At Kian Technologies, we emphasize that these updates represent the highest priority for patch management.

Technical Breakdown of the New Vulnerabilities

• Zimbra Collaboration Suite (CVE-2025-68645): A PHP Remote File Inclusion (RFI) vulnerability that allows unauthenticated attackers to access sensitive system files. Exploitation has been active since mid-January 2026.
• Versa Concerto SD-WAN (CVE-2025-34026): A critical authentication bypass (CVSS 9.2) in the orchestration platform, allowing full administrative control over network backbones.
• Vite Vitejs (CVE-2025-31125): An improper access control flaw in the popular frontend build tool, potentially leaking source code and config files via the browser.
• npm Supply Chain Attack (CVE-2025-54313): Malicious code embedded in eslint-config-prettier and other packages, delivering the "Scavenger Loader" info-stealer.

Mandatory Compliance

Under BOD 22-01, federal agencies must remediate these by February 12, 2026. Private organizations are strongly advised to follow suit immediately. Kian Technologies recommends auditing all developer environments and enterprise collaboration tools for signs of compromise.

Become a Malware Analysis Expert As hackers switch to modern languages like Golang to build evasive tools, the industry needs experts who can deconstruct and stop these threats. Join the Best Ethical Hacking Institute in Bhilai & Raipur: Learn Malware Analysis, Reverse Engineering, and Advanced Threat Hunting. Enroll now to start your journey in Cybersecurity!