// #remediation-deadline

CISA Adds Chrome V8 Zero-Day, Cisco SD-WAN, and Arista EOS to Known Exploited Vulnerabilities Catalogue

CISA added three vulnerabilities to the KEV catalogue on 9 June: Google Chrome CVE-2026-11645 (V8 out-of-bounds write, actively exploited), Cisco SD-WAN CVE-2026-20245 (authentication bypass), and Arista EOS CVE-2026-7473 (privilege escalation command injection). Federal agencies face a 30 June remediation deadline across all three.