The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four flaws to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2008-0015 (Microsoft Video ActiveX Control, msvidctl/DirectShow), CVE-2020-7796 (Zimbra Collaboration Suite SSRF), CVE-2024-7694 (TeamT5 ThreatSonar Anti-Ransomware, unrestricted file upload), and CVE-2026-2441 (Google Chromium CSS use-after-free).
The entry for CVE-2008-0015 notes an 8.8 CVSS score for a Microsoft Windows Video ActiveX Control remote code execution vulnerability, with exploitation reported in the wild in July 2009. CVE-2020-7796 has a CVSS score of 9.8 and relates to Server-Side Request Forgery in Zimbra, potentially enabling access to internal resources.
CVE-2024-7694, scoring 7.2, concerns an arbitrary file upload vulnerability in TeamT5 ThreatSonar Anti-Ransomware that could allow server commands to be executed by an authenticated administrator. The fourth, CVE-2026-2441, an 8.8-rated use-after-free in Google Chrome’s CSS component prior to 145.0.7632.75, is noted as being exploited in the wild, with Google acknowledging the existence of active exploits.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, agencies are urged to remediate these flaws by the stated deadlines, and organisations are advised to review the KEV Catalog to address the vulnerabilities in their infrastructure.
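As an added example (not from the article or from CISA), the following Python helper shows the kind of review the advice above calls for: it indexes records in the KEV feed's JSON record shape, matches them against an asset inventory, and applies the Chrome fixed-build cutoff the article states. The feed records, due dates and inventory rows are constructed placeholders, not values from the catalog.

```python
import json

# Constructed sample in the shape of the KEV JSON feed (same field names as the
# real catalog). Due dates are placeholders: the article does not give them.
KEV_JSON = """{"vulnerabilities": [
 {"cveID": "CVE-2008-0015", "product": "Video ActiveX Control", "dueDate": "2026-03-10"},
 {"cveID": "CVE-2020-7796", "product": "Collaboration Suite (ZCS)", "dueDate": "2026-03-10"},
 {"cveID": "CVE-2024-7694", "product": "ThreatSonar Anti-Ransomware", "dueDate": "2026-03-10"},
 {"cveID": "CVE-2026-2441", "product": "Chromium", "dueDate": "2026-02-24"}]}"""

CHROME_FIXED = "145.0.7632.75"  # first fixed build per the article


def version_tuple(v):
    """'145.0.7632.74' -> (145, 0, 7632, 74): numeric, not lexical, comparison."""
    return tuple(int(p) for p in v.split("."))


def chrome_vulnerable(version, fixed=CHROME_FIXED):
    """True when the installed build is older than the first fixed build."""
    return version_tuple(version) < version_tuple(fixed)


def kev_index(feed_json):
    """Map CVE id -> KEV record for quick lookup."""
    return {e["cveID"]: e for e in json.loads(feed_json)["vulnerabilities"]}


def triage(inventory, feed_json):
    """Inventory rows: (host, cve_id, installed_version or None).
    Returns (host, cve_id, dueDate) for assets still exposed, earliest due first."""
    kev = kev_index(feed_json)
    findings = []
    for host, cve, version in inventory:
        entry = kev.get(cve)
        if entry is None:
            continue  # not in this KEV snapshot
        if cve == "CVE-2026-2441" and version and not chrome_vulnerable(version):
            continue  # Chrome already at or beyond the fixed build
        findings.append((host, cve, entry["dueDate"]))
    return sorted(findings, key=lambda f: f[2])


# Constructed inventory: hostnames and versions are made up for the demo.
INVENTORY = [
    ("ws-01", "CVE-2026-2441", "145.0.7632.74"),   # one build short of the fix
    ("ws-02", "CVE-2026-2441", "145.0.7700.10"),   # already patched
    ("mail-01", "CVE-2020-7796", None),            # version unknown, still listed
    ("ws-03", "CVE-2099-0001", None),              # not in KEV, ignored
]

if __name__ == "__main__":
    for host, cve, due in triage(INVENTORY, KEV_JSON):
        print(f"{host}: {cve} due {due}")
```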