CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation: CVE-2024-1708 (ConnectWise ScreenConnect Path Traversal) and CVE-2026-32202 (Microsoft Windows Protection Mechanism Failure). CISA urges all organizations to prioritize timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practices, as these represent significant active threats to enterprise security.
8.2/10·CISA Current Activity