---
title: "CISA Warns of 3 Actively Exploited Vulnerabilities—Patch Now"
short_title: "CISA adds 3 critical exploited vulnerabilities"
description: "CISA has added three new actively exploited vulnerabilities to its KEV Catalog. Learn about the risks, affected systems, and mitigation steps to protect your network."
author: "Vitus"
date: 2024-10-02
categories: [Cybersecurity, Vulnerabilities]
tags: [cisa, known-exploited-vulnerabilities, cve-2026-8398, cve-2026-45321, cve-2026-48027]
score: 0.92
cve_ids: [CVE-2026-8398, CVE-2026-45321, CVE-2026-48027]
---
## TL;DR
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. These flaws pose significant risks to federal and private sector networks. Organizations are urged to prioritize patching these vulnerabilities immediately to mitigate potential cyberattacks.
Main Content
The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its warnings after adding three newly discovered vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are currently being exploited in the wild, making them a critical priority for organizations worldwide.
### Key Points
- CISA’s KEV Catalog now includes CVE-2026-8398, CVE-2026-45321, and CVE-2026-48027, all of which are under active exploitation.
- These vulnerabilities are frequent attack vectors for malicious cyber actors, posing severe risks to federal and enterprise networks.
- Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities by the specified due dates under Binding Operational Directive (BOD) 22-01.
- While BOD 22-01 applies to federal agencies, all organizations are strongly encouraged to prioritize patching these vulnerabilities.
Technical Details
1. CVE-2026-8398: Daemon Tools Lite Embedded Malicious Code Vulnerability
- This vulnerability involves embedded malicious code in Daemon Tools Lite, a popular disk imaging software. Exploitation could allow attackers to execute arbitrary code or gain unauthorized access to systems.
2. CVE-2026-45321: TanStack Unspecified Vulnerability
- An unspecified vulnerability in TanStack, a widely used library for building web applications. The lack of details increases the risk, as attackers may exploit it before patches are applied.
3. CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability
- This flaw affects Nx Console, a popular extension for VS Code used in monorepo development. Embedded malicious code could enable attackers to compromise development environments or spread malware.
### Impact Assessment
These vulnerabilities are particularly dangerous because:
- They are actively exploited in real-world attacks, increasing the urgency for remediation.
- They target widely used software, potentially affecting thousands of organizations globally.
- Successful exploitation could lead to data breaches, unauthorized access, or malware infections, with cascading effects on supply chains and critical infrastructure.
Federal agencies must comply with BOD 22-01, which mandates timely remediation of KEV Catalog vulnerabilities. However, private sector organizations are equally at risk and should treat these vulnerabilities as critical priorities.
### Mitigation Steps
To reduce exposure to these threats, organizations should:
1. Immediately apply patches or updates provided by the vendors for Daemon Tools Lite, TanStack, and Nx Console.
2. Monitor systems for signs of exploitation, such as unusual network traffic or unauthorized access attempts.
3. Review CISA’s KEV Catalog regularly to stay updated on emerging threats.
4. Implement a robust vulnerability management program to prioritize and remediate critical flaws efficiently.
## Conclusion
CISA’s addition of these three vulnerabilities to the KEV Catalog underscores the growing threat of actively exploited flaws in widely used software. While federal agencies are required to act, all organizations must prioritize patching these vulnerabilities to protect their networks from cyberattacks. Failure to do so could result in severe consequences, including data breaches, financial losses, and reputational damage.
For more details, refer to CISA’s official advisory and the KEV Catalog.
## References
[^1]: CISA. "CISA Adds Three Known Exploited Vulnerabilities to Catalog". Retrieved 2024-10-02.
[^2]: CVE Details. "CVE-2026-8398". Retrieved 2024-10-02.
[^3]: CVE Details. "CVE-2026-45321". Retrieved 2024-10-02.
[^4]: CVE Details. "CVE-2026-48027". Retrieved 2024-10-02.