{"source":"kev","note":"Free 5-item preview. The full feed is $0.05/call at GET /v1/kev/changes.","question":"Which vulnerabilities were newly added to CISA's Known-Exploited catalogue since T (i.e. are being actively exploited)?","sample":[{"source":"kev","entityId":"cve:CVE-2024-21182","type":"actively_exploited","title":"CVE-2024-21182: Oracle WebLogic Server Unspecified Vulnerability (Oracle WebLogic Server)","summary":"Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. (due 2026-06-04). Known ransomware use.","significance":10,"detectedAt":"2026-07-14T22:21:12.825Z","effectiveDate":"2026-06-01","sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-21182","detail":{"vendor":"Oracle","product":"WebLogic Server","dueDate":"2026-06-04","ransomware":true,"requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."}},{"source":"kev","entityId":"cve:CVE-2025-48595","type":"actively_exploited","title":"CVE-2025-48595: Android Framework Integer Overflow Vulnerability (Android Framework)","summary":"Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. (due 2026-06-05). Known ransomware use.","significance":10,"detectedAt":"2026-07-14T22:21:12.825Z","effectiveDate":"2026-06-02","sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-48595","detail":{"vendor":"Android","product":"Framework","dueDate":"2026-06-05","ransomware":true,"requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."}},{"source":"kev","entityId":"cve:CVE-2022-0492","type":"actively_exploited","title":"CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability (Linux Kernel)","summary":"Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. (due 2026-06-05). Known ransomware use.","significance":10,"detectedAt":"2026-07-14T22:21:12.825Z","effectiveDate":"2026-06-02","sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-0492","detail":{"vendor":"Linux","product":"Kernel","dueDate":"2026-06-05","ransomware":true,"requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."}},{"source":"kev","entityId":"cve:CVE-2026-45247","type":"actively_exploited","title":"CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability (Mirasvit Mirasvit Full Page Cache Warmer)","summary":"Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. (due 2026-06-06). Known ransomware use.","significance":10,"detectedAt":"2026-07-14T22:21:12.825Z","effectiveDate":"2026-06-03","sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-45247","detail":{"vendor":"Mirasvit","product":"Mirasvit Full Page Cache Warmer","dueDate":"2026-06-06","ransomware":true,"requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."}},{"source":"kev","entityId":"cve:CVE-2026-28318","type":"actively_exploited","title":"CVE-2026-28318: SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability (SolarWinds Serv-U)","summary":"SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. (due 2026-06-19). Known ransomware use.","significance":10,"detectedAt":"2026-07-14T22:21:12.825Z","effectiveDate":"2026-06-05","sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-28318","detail":{"vendor":"SolarWinds","product":"Serv-U","dueDate":"2026-06-19","ransomware":true,"requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."}}]}