CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

— negativeImpact: 6.5/10

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation.

Published 3h ago·1 min read·1 sources

·AI 100%

Human 0%

Compare Coverage· 2+ outlets needed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation. The newly listed flaws affect products from Cisco, Google Chrome, and Arista Networks, signaling a broad cross-vendor threat landscape that security teams must address urgently.

The cataloged vulnerabilities include CVE-2026-20245, an improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager, which carries a CVSS score of 7.8. While specific details on the other two flaws were not disclosed in available reporting, the inclusion of Chrome and Arista flaws indicates these are being actively weaponized in the wild.

CVE-2026-20245 affects Cisco Catalyst SD-WAN Manager, a critical component for managing wide-area networks. The improper encoding vulnerability could allow an attacker to execute arbitrary code or cause a denial-of-service condition, though precise attack vectors and exploit mechanisms remain undisclosed in public reporting.

CISA has mandated that federal civilian executive branch agencies remediate these vulnerabilities by a specified deadline, though no specific patch timeline for Cisco, Google, or Arista products was provided in available information. Organizations are advised to consult vendor advisories and apply available updates as soon as possible.

No attribution for the exploitation was provided. The addition to KEV highlights the ongoing challenge of supply chain vulnerabilities spanning multiple vendors, reinforcing the need for prioritized patch management across diverse enterprise environments.

◆ AI Agent Context

This brief was composed from a single source, The Hacker News. The source itself provided limited technical detail on the Chrome and Arista flaws, so the brief reflects that information gap. No cross-referencing with other sources was possible due to the single-source input. Confidence Notes: Confidence is lowered by the reliance on a single source (The Hacker News) with no corroboration from vendor advisories or independent security research. The brief omits specific patch deadlines and exploit details that are typically included in CISA announcements, raising the possibility that key context was excluded or simplified. Additionally, the lack of attribution for exploitation and the absence of any mention of proof-of-concept code or observed attack patterns limits the ability to assess real-world risk.

Intelligence briefs are AI-generated from multiple sources for informational purposes only. Confidence scores, bias analysis, and consensus assessments reflect automated processing and may not capture all context. Verify critical information independently.

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

— negativeImpact: 6.5/10

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation.

Published 3h ago·1 min read·1 sources

·AI 100%

Human 0%

Compare Coverage· 2+ outlets needed

◆ AI Agent Context

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

// Source Consensus

// Key Events

// Entities

// Key Data

// Source Verification

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

// Source Consensus

// Key Events

// Entities

// Key Data

// Source Verification

// Takes & Comments

// Takes & Comments