THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as a resource for cybersecurity professionals and organizations to manage vulnerabilities that are actively exploited. The catalog assists in prioritizing vulnerability management through reliable identification of risks. A specific entry highlights a code injection vulnerability in SonicWall SMA1000 Appliances (CVE-2026-15410), which can allow remote authenticated attackers to execute arbitrary commands under certain conditions.
Organizations are advised to apply mitigations following vendor instructions and CISA’s guidance. Additional formats for KEV catalog access include CSV and JSON. Stakeholders are encouraged to nominate new vulnerabilities for inclusion.