According to CISA, the Known Exploited Vulnerabilities (KEV) catalog currently lists CVE-2025-60710, a Microsoft Windows link-following vulnerability that can allow privilege escalation. The entry, titled “Microsoft Windows Link Following Vulnerability,” notes a related CWE of CWE-59 and lists known use in ransomware campaigns as “Unknown.”
The KEV record instructs organisations to apply mitigations per vendor instructions, follow applicable guidance for cloud services, or discontinue use of the product if mitigations are unavailable. The listing shows Date Added as 13 April 2026 and Due Date as 27 April 2026. Additional references include the Microsoft Update Guide and NIST’s NVD entry for CVE-2025-60710.
This KEV item is accessible via the catalog’s Microsoft vendor filter and forms part of CISA’s effort to prioritise vulnerabilities exploited in the wild for risk management.