THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as an authoritative resource for cybersecurity professionals to manage and respond to actively exploited vulnerabilities. The catalog emphasizes prioritizing vulnerabilities in organizational frameworks and includes methods for nomination of new vulnerabilities.
Among the entries, CVE-2026-28318 is highlighted, describing a vulnerability in SolarWinds Serv-U that can be exploited via specially crafted POST requests, leading to service crashes. Organizations are advised to apply mitigations from the vendor or discontinue use if no remedies are available.