CISA Adds Four Actively Exploited Vulnerabilities to KEV, Urges Immediate Remediation

CISA Adds Four Actively Exploited Vulnerabilities to KEV, Urges Immediate Remediation
sittisak mintaboon Cybersecurity Articles
Views: 518 views

101/69 Thursday, February 19, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence of active exploitation. The newly added vulnerabilities are:

  • CVE-2026-2441 – A Use-After-Free vulnerability in Google Chrome (CVSS 8.8) that may allow attackers to execute arbitrary code via a specially crafted HTML page.
  • CVE-2024-7694 – An Arbitrary File Upload vulnerability in TeamT5 ThreatSonar Anti-Ransomware versions 3.4.5 and earlier (CVSS 7.2), which could lead to remote command execution on the server.
  • CVE-2020-7796 – A Server-Side Request Forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite (CVSS 9.8), potentially enabling unauthorized access to sensitive data.
  • CVE-2008-0015 – A Stack-Based Buffer Overflow vulnerability in Microsoft Windows Video ActiveX Control (CVSS 8.8), which may result in remote code execution.

Regarding CVE-2026-2441, Google has confirmed active exploitation in the wild. However, detailed technical information about the attack techniques has not been disclosed to prevent further abuse. Meanwhile, CVE-2020-7796 was previously reported by GreyNoise in March 2025, which observed more than 400 IP addresses exploiting multiple SSRF vulnerabilities, including this one, targeting systems across the United States, Germany, Singapore, India, Lithuania, and Japan.

In the case of CVE-2008-0015, visiting a malicious webpage containing exploit code could cause a system to connect to a remote server and download additional malware, such as the Dogkild worm. This worm is capable of spreading through removable drives, downloading additional payloads, modifying system files, terminating security processes, and altering the Windows Hosts file to block access to security-related websites.

CISA has directed Federal Civilian Executive Branch (FCEB) agencies to remediate these vulnerabilities by March 10, 2026, to reduce the risk of compromise.

Source https://thehackernews.com/2026/02/cisa-flags-four-security-flaws-under.html

Post Views: 626