// #may-2026

2 articles

CISA KEV May 2026: Complete List of Known Exploited Vulnerabilities Added This Month and Enterprise Response Guidance

CISA's Known Exploited Vulnerabilities catalogue received multiple additions in May 2026, including developer toolchain supply-chain compromises, network appliance vulnerabilities, and Microsoft Windows flaws. This guide consolidates the May 2026 KEV additions with enterprise response guidance for each category.

May 30, 2026 #cisa-kev +5

⚖️ Risk Mgmt

May 2026 Vulnerability Retrospective: Patch Prioritisation Guide for Enterprise Security Teams

May 2026 produced an unusually dense cluster of high-severity vulnerabilities: Netlogon CVSS 9.8, Ubiquiti CVSS 10.0 × 3, AMD Zen 2 CVSS 8.8, golang/crypto CVSS 10.0, Linux ptrace four-exploit-chain. This retrospective ranks them by risk for organisations still working through the patching backlog.

May 30, 2026 #patch-management +6