CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
Ravie LakshmananJan 23, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2025-68645 (CVSS score: 8.8) – A PHP remote file inclusion vulnerability…
