CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CVEs:
CVE-2026-45498
Indicators of Compromise
727 articles containing extracted IOCs (CVEs, IPs, hashes, domains, URLs, emails)
CISAβs new KEV nomination form opens reporting to vendors and researchers
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
CVEs:
CVE-2025-34291
TrendAI Patches Apex One Zero-Day Exploited in the Wild
CVEs:
CVE-2026-34926
One Telecom Provider Hosted Most of the Middle East βs Active C2 Infrastructure
Domains:
hunt.io
CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks
CVEs:
CVE-2026-34926
Cross-Platform NPM Stealer, (Fri, May 22nd)
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
CVEs:
CVE-2025-34291
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
CVEs:
CVE-2026-20223
ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
Unpatched ChromaDB flaw leaves servers open to remote code execution
CVEs:
CVE-2026-45829
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
CVEs:
CVE-2008-4250
Attackers exploit SonicWall VPN vulnerability to bypass MFA
CVEs:
CVE-2024-12802
CVE-2026-9082: Highly Critical SQL Injection Vulnerability in Drupal Core (SA-CORE-2026-004)
CVEs:
CVE-2026-9082
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload
CVEs:
CVE-2026-20223
ABB Terra AC Wallbox
CVEs:
CVE-2025-10504
CVE-2025-12142
CVE-2025-12143
Hitachi Energy GMS600
CVEs:
CVE-2022-4304
ABB B&R Automation Runtime
CVEs:
CVE-2025-3449
CVE-2025-3448
CVE-2025-11498
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CVEs:
CVE-2025-34291
CVE-2026-34926
Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild
CVEs:
CVE-2026-41091
CVE-2026-45498