THE Known Exploited Vulnerabilities (KEV) Catalog is maintained by CISA to assist the cybersecurity community in managing vulnerabilities that have been actively exploited. It is an essential tool for organizations to prioritize their vulnerability management efforts. The catalog features detailed information about known vulnerabilities, including their associated risks and recommended mitigations.
One highlighted vulnerability is CVE-2026-54420, linked to the LiteSpeed cPanel Plugin, which involves a UNIX symbolic link vulnerability. Organizations are urged to follow vendor instructions and CISA guidelines for handling these vulnerabilities, including a specific focus on compliance with BOD 26-04 for risk prioritization. Additionally, the catalog is available in various formats and updates can be subscribed to via CISA's service.