ACCORDING to CISA, the Known Exploited Vulnerabilities (KEV) catalog lists CVE-2012-1854 as Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability, noting that VBA contains an insecure library loading flaw that could allow remote code execution.
The entry shows that the vulnerability is Known To Be Used in Ransomware Campaigns? as Unknown and provides action guidance to apply mitigations per vendor instructions, follow applicable guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Date Added is 13 April 2026 with a Due Date of 27 April 2026. Additional notes reference Microsoft’s 2012 security bulletin and the NVD page for CVE-2012-1854.
This KEV listing emphasises prioritising vulnerability management and aligns with CISA’s role in documenting exploited flaws to help organisations defend networks.