CISA Flags Linux, TP-Link, Sitecore in Threat Catalog

The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities catalog to include critical flaws in Sitecore, the Linux Kernel, and TP-Link devices. The latest additions signal growing concern over actively exploited threats in popular software and hardware platforms. As part of the update, CISA flags Linux kernel vulnerabilities as a priority for remediation across federal agencies.

Four vulnerabilities have been added: CVE-2025-53690, CVE-2025-9377, CVE-2025-38352, and CVE-2023-50224. These flaws affect a range of systems and could allow attackers to execute code, escalate privileges, or disrupt services. CISA’s inclusion of these issues in the KEV list mandates government agencies to patch the impacted systems within a defined timeframe.

The agency’s move underscores the urgency of addressing exploited bugs across digital infrastructure. Once again, CISA flags Linux systems as a target of persistent threats, reinforcing the need for immediate mitigation.

Read the full article at

CISA Adds Sitecore, Linux Kernel, and TP-Link Flaws to KEV Catalog