1 article
CISA's late-April Known Exploited Vulnerabilities additions include a Windows Shell protection mechanism failure under active exploitation and a Cisco Catalyst SD-WAN Manager flaw allowing unauthenticated access to sensitive OS files. Federal agencies face a May 12 remediation deadline for CVE-2026-32202; enterprise organisations should treat both additions as confirmation of active threat actor interest and patch accordingly.