THREAT OPS › Threat News › CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
<p>CISA has added two new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2026-48939" target="_blank">CVE-2026-48939</a> iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability</li> <li><
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2026-48939cve
- CVE-2026-56291cve
- https://www.cve.org/CVERecord?id=CVE-2026-48939url
- https://www.cve.org/CVERecord?id=CVE-2026-56291url
- https://cisasurvey.gov1.qualtrics.com/jfe/form/SV_1Zwu52kgK2OYf3wurl