---
title: "CISA Warns of 5 Actively Exploited Vulnerabilities—Patch Now"
short_title: "CISA adds 5 critical exploited vulnerabilities to catalog"
description: "CISA has added five actively exploited vulnerabilities to its KEV catalog, urging immediate patching. Learn about the risks and mitigation steps for these critical flaws."
author: "Vitus"
date: 2025-01-24
categories: [Cybersecurity, Vulnerabilities]
tags: [cisa, known-exploited-vulnerabilities, cve, cybersecurity, patch-management]
score: 0.92
cve_ids: [CVE-2018-14634, CVE-2025-52691, CVE-2026-21509, CVE-2026-23760, CVE-2026-24061]
---
TL;DR
CISA has added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, meaning it has evidence that each is being exploited in the wild. The affected products are the Linux kernel, Microsoft Office, SmarterTools SmarterMail and GNU InetUtils. Federal civilian agencies must remediate them by the catalog's due dates; everyone else should treat the entries as a patching priority rather than a routine update.
---
Main Content
The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its [Known Exploited Vulnerabilities (KEV) Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)[^1]. A KEV entry is not a severity rating; it records that CISA has evidence the flaw is being exploited by malicious cyber actors. The five cover a range of systems: the Linux kernel, Microsoft Office, SmarterTools SmarterMail (two entries) and GNU InetUtils. Federal civilian agencies are mandated to remediate each entry by the due date listed in the catalog, and CISA urges all organizations to do the same to reduce their exposure.
Key Points
- CISA has added five actively exploited vulnerabilities to its KEV Catalog.
- The flaws affect the Linux kernel, Microsoft Office, SmarterMail (two separate issues) and GNU InetUtils.
- Federal agencies must patch these vulnerabilities under Binding Operational Directive (BOD) 22-01.
- All organizations are advised to prioritize remediation to mitigate risks.
- Exploitation of these vulnerabilities could lead to unauthorized access, data breaches, and system compromise.
---
Technical Details
The newly added vulnerabilities include:
1. CVE-2018-14634 (Linux kernel integer overflow)[^2]: a 2018 bug in the kernel's ELF loader (create_elf_tables) that lets a local user escalate to root. It gives no remote access on its own; its presence on the KEV list indicates attackers using it as a post-exploitation step on hosts still running old, unpatched kernels.
2. CVE-2025-52691 (SmarterTools SmarterMail unrestricted file upload)[^3]: the server accepts uploads without restricting the file type, so an attacker can store a file of a dangerous type, such as a server-side script, where the server may later execute it.
3. CVE-2026-21509 (Microsoft Office security feature bypass)[^4]: allows an attacker to bypass one of Office's security controls. As with most Office flaws, the likely delivery vehicle is a crafted document sent to a user, so it pairs naturally with phishing.
4. CVE-2026-23760 (SmarterTools SmarterMail authentication bypass)[^5]: protected functionality is reachable through an alternate path or channel that skips the normal authentication check (CWE-288).
5. CVE-2026-24061 (GNU InetUtils argument injection)[^6]: attacker-controlled input is passed to another program as a command-line argument without being neutralised, so a value that begins with "-" is read as an option rather than as data, which can lead to arbitrary command execution.
Two of the five are in SmarterMail; confirm that the version you deploy addresses both CVEs, not just the one your scanner reports first.
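The argument-injection class described in item 5 is easy to reproduce in miniature. The following is an added example, not code from GNU InetUtils or any other project: a hypothetical privileged helper `mock_login` takes a `-f NAME` option meaning "NAME is already authenticated, skip the password", and a network front end forwards a client-supplied username to it as an argv element. The option syntax, the username policy and both front ends are assumptions made for the example.

```python
"""Argument injection, shown with a mock of a privileged login helper.

Added example, not code from GNU InetUtils or any other project. The helper,
its -f option and the two front ends are hypothetical; the bug class is real:
untrusted data handed to another program as an argv element.
"""
import re

# Conservative POSIX-style username policy (an assumption for this example).
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def mock_login(argv: list[str]) -> dict:
    """Hypothetical `login [-f NAME] [--] [NAME]` with getopt-style parsing.

    -f NAME means "NAME was already authenticated elsewhere, skip the
    password prompt". Like getopt, it accepts both "-f NAME" and "-fNAME",
    and "--" ends option processing.
    """
    preauth = None
    positional = []
    i = 0
    while i < len(argv):
        arg = argv[i]
        if arg == "--":
            positional.extend(argv[i + 1:])
            break
        if arg.startswith("-") and len(arg) > 1:
            if arg[1] != "f":
                raise ValueError(f"login: invalid option {arg[:2]}")
            if len(arg) > 2:
                preauth = arg[2:]            # "-fNAME"
            else:
                i += 1                       # "-f NAME"
                if i == len(argv):
                    raise ValueError("login: -f requires an argument")
                preauth = argv[i]
        else:
            positional.append(arg)
        i += 1
    user = preauth if preauth is not None else (positional[0] if positional else None)
    if user is None:
        raise ValueError("login: no user given")
    return {"user": user, "password_required": preauth is None}


def vulnerable_frontend(remote_user: str) -> dict:
    """Network-facing code that forwards the client-supplied name unchanged."""
    return mock_login([remote_user])


def hardened_frontend(remote_user: str) -> dict:
    """Validate against an allow-list, then pass the name after "--" so that
    even a leading '-' can never be read as an option (defence in depth)."""
    if not USERNAME_RE.fullmatch(remote_user):
        raise ValueError("rejected username: %r" % remote_user)
    return mock_login(["--", remote_user])


if __name__ == "__main__":
    print(vulnerable_frontend("alice"))    # normal login, password required
    print(vulnerable_frontend("-froot"))   # parsed as -f root: root, no password
    print(mock_login(["--", "-froot"]))    # after "--" it is just an odd username
    try:
        hardened_frontend("-froot")
    except ValueError as err:
        print("hardened:", err)
```

The same two rules apply when real code shells out with `subprocess.run([...])`: validate the value against the narrowest pattern the application can tolerate, and terminate option parsing with `--` wherever the called program supports it, so that validation is not the only thing standing between the attacker and an option switch.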
---
Impact Assessment
These vulnerabilities are frequent attack vectors for cybercriminals and pose significant risks to both federal and private sector networks. Exploitation could result in:
- Unauthorized system access and privilege escalation.
- Data breaches and theft of sensitive information.
- Disruption of critical services and operational downtime.
- Lateral movement within networks, leading to widespread compromise.
Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities under Binding Operational Directive (BOD) 22-01, which makes the KEV Catalog's due dates binding for federal networks. All other organizations are strongly encouraged to treat KEV entries the same way as part of their vulnerability management practice.
---
Mitigation Steps
To reduce the risk of exploitation, organizations should:
1. Apply the vendor patches to every affected system. Where a patch cannot be applied, follow the vendor's mitigation guidance; the standard KEV required action is to apply mitigations per vendor instructions or discontinue use of the product if none are available.
2. Watch the KEV Catalog for additions. CISA publishes it as JSON and CSV feeds that can be polled and matched against an asset inventory, which is more reliable than reading the alerts by hand.
3. Monitor networks and hosts for signs of compromise. For these flaws that means unexpected file writes on mail servers, logins that do not follow the normal authentication flow, and new root-level processes on Linux hosts.
4. Implement least-privilege access controls so that a foothold gained through one of these flaws does not translate directly into domain- or network-wide access.
5. Educate employees on recognizing phishing and social engineering, the usual delivery route for document-based flaws such as the Office issue.
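Steps 1 and 2 are easiest to keep up with when the catalog is consumed as data. The script below is an added example, not CISA's code: it parses a feed in the shape of CISA's KEV JSON (the real field names `cveID`, `vendorProject`, `product`, `vulnerabilityName`, `dateAdded`, `dueDate` and `knownRansomwareCampaignUse`), matches it against a scanner-style inventory, and ranks the findings by due date. The feed excerpt, the inventory and every date and ransomware flag in it are constructed placeholders for the example, not the catalog's real values.

```python
"""Match a CISA KEV feed against an asset inventory and rank what to fix first.

Added example, not CISA's code. The feed excerpt and inventory below are
constructed; dueDate and knownRansomwareCampaignUse values are placeholders,
not the catalog's real values, and only a subset of each entry's fields is kept.
"""
import json
import urllib.request
from datetime import date

KEV_FEED_URL = ("https://www.cisa.gov/sites/default/files/feeds/"
                "known_exploited_vulnerabilities.json")


def _entry(cve, vendor, product, name):
    # Placeholder dates and ransomware status shared by the constructed entries.
    return {"cveID": cve, "vendorProject": vendor, "product": product,
            "vulnerabilityName": name, "dateAdded": "2026-01-26",
            "dueDate": "2026-02-16", "knownRansomwareCampaignUse": "Unknown"}


# Constructed excerpt in the real feed's shape.
SAMPLE_FEED = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "example",
    "dateReleased": "2026-01-26T00:00:00.0000Z",
    "count": 5,
    "vulnerabilities": [
        _entry("CVE-2018-14634", "Linux", "Kernel",
               "Linux Kernel Integer Overflow Vulnerability"),
        _entry("CVE-2025-52691", "SmarterTools", "SmarterMail",
               "SmarterTools SmarterMail Unrestricted File Upload Vulnerability"),
        _entry("CVE-2026-21509", "Microsoft", "Office",
               "Microsoft Office Security Feature Bypass Vulnerability"),
        _entry("CVE-2026-23760", "SmarterTools", "SmarterMail",
               "SmarterTools SmarterMail Authentication Bypass Vulnerability"),
        _entry("CVE-2026-24061", "GNU", "InetUtils",
               "GNU InetUtils Argument Injection Vulnerability"),
    ],
})

# Constructed scanner export: host -> CVE IDs reported on it.
SAMPLE_INVENTORY = {
    "mail01.example.test": ["CVE-2025-52691", "CVE-2026-23760"],
    "ws-042.example.test": ["CVE-2026-21509"],
    "bastion.example.test": ["CVE-2018-14634", "CVE-2026-24061"],
    "web07.example.test": [],
}


def fetch_feed(url=KEV_FEED_URL, timeout=30):
    """Download the live feed (needs network; the offline demo does not call it)."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def index_feed(feed_text):
    """Return {cveID: entry} from a KEV feed document."""
    return {v["cveID"]: v for v in json.loads(feed_text)["vulnerabilities"]}


def triage(feed_index, inventory, today_iso):
    """One row per (host, KEV CVE) pair, earliest due date first.

    Findings not in the KEV index are skipped here: they still need patching,
    but under the normal cadence rather than the KEV deadline.
    """
    today = date.fromisoformat(today_iso)
    rows = []
    for host, cves in inventory.items():
        for cve in cves:
            entry = feed_index.get(cve)
            if entry is None:
                continue
            due = date.fromisoformat(entry["dueDate"])
            rows.append({
                "host": host,
                "cve": cve,
                "product": f'{entry["vendorProject"]} {entry["product"]}',
                "due": due.isoformat(),
                "days_left": (due - today).days,
                "overdue": due < today,
                "ransomware": entry["knownRansomwareCampaignUse"] == "Known",
            })
    rows.sort(key=lambda r: (r["due"], not r["ransomware"], r["host"], r["cve"]))
    return rows


def overdue_hosts(rows):
    """Sorted list of hosts with at least one KEV finding past its due date."""
    return sorted({r["host"] for r in rows if r["overdue"]})


if __name__ == "__main__":
    for row in triage(index_feed(SAMPLE_FEED), SAMPLE_INVENTORY, "2026-02-01"):
        flag = "OVERDUE" if row["overdue"] else f'{row["days_left"]:>3}d left'
        print(f'{flag}  {row["due"]}  {row["cve"]:<15} {row["host"]:<22} {row["product"]}')
```

In production, replace `SAMPLE_FEED` with `fetch_feed()` on a schedule and the inventory with your scanner's export; the ransomware flag in the sort key lets entries CISA marks as used in ransomware campaigns float above others with the same due date.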
---
Conclusion
CISA’s addition of these five vulnerabilities to its KEV Catalog underscores the urgent need for organizations to prioritize patching and vulnerability management. While federal agencies are required to act, all businesses and institutions should treat these vulnerabilities as critical threats. Proactive measures, such as timely patching and network monitoring, are essential to mitigating risks and preventing cyberattacks.
For more details, refer to CISA's [alert](https://www.cisa.gov/news-events/alerts/2026/01/26/cisa-adds-five-known-exploited-vulnerabilities-catalog) and the catalog entries for each CVE.
---
References
[^1]: CISA. "[CISA Adds Five Known Exploited Vulnerabilities to Catalog](https://www.cisa.gov/news-events/alerts/2026/01/26/cisa-adds-five-known-exploited-vulnerabilities-catalog)". Retrieved 2025-01-24.
[^2]: CVE Program. "[CVE-2018-14634](https://www.cve.org/CVERecord?id=CVE-2018-14634)". Retrieved 2025-01-24.
[^3]: CVE Program. "[CVE-2025-52691](https://www.cve.org/CVERecord?id=CVE-2025-52691)". Retrieved 2025-01-24.
[^4]: CVE Program. "[CVE-2026-21509](https://www.cve.org/CVERecord?id=CVE-2026-21509)". Retrieved 2025-01-24.
[^5]: CVE Program. "[CVE-2026-23760](https://www.cve.org/CVERecord?id=CVE-2026-23760)". Retrieved 2025-01-24.
[^6]: CVE Program. "[CVE-2026-24061](https://www.cve.org/CVERecord?id=CVE-2026-24061)". Retrieved 2025-01-24.