Date Posted: 2026/03/26
[Vulnerability Alert] CISA Adds 9 Known Exploited Vulnerabilities to KEV Catalog (2026/03/16-2026/03/22)
- Subject: [Vulnerability Alert] CISA Adds 9 Known Exploited Vulnerabilities to KEV Catalog (2026/03/16-2026/03/22)
- Description:
- Forwarded from the Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert TWCERTCC-200-202603-00000018
- [CVE-2025-47813] Wing FTP Server Information Disclosure Vulnerability (CVSS v3.1: 4.3)
- [Ransomware Exploitation: Unknown] When Wing FTP Server receives an overly long value in the UID cookie, it returns an error message containing sensitive information, resulting in an information disclosure vulnerability.
- [CVE-2025-66376] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability (CVSS v3.1: 7.2)
- [Ransomware Exploitation: Unknown] The Classic UI of Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that allows an attacker to abuse the Cascading Style Sheets (CSS) @import directive in email HTML.
- [CVE-2026-20963] Microsoft SharePoint Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 8.8)
- [Ransomware Exploitation: Unknown] Microsoft SharePoint contains a deserialization of untrusted data vulnerability, allowing an unauthorized attacker to execute code over the network.
- [CVE-2026-20131] Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 10.0)
- [Ransomware Exploitation: Yes] Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in their web-based management interface, which could allow an unauthenticated remote attacker to execute arbitrary Java code with root privileges on an affected device.
- [CVE-2025-32432] Craft CMS Code Injection Vulnerability (CVSS v3.1: 10.0)
- [Ransomware Exploitation: Unknown] Craft CMS contains a code injection vulnerability, allowing a remote attacker to execute arbitrary code.
- [CVE-2025-54068] Laravel Livewire Code Injection Vulnerability (CVSS v3.1: 9.8)
- [Ransomware Exploitation: Unknown] Laravel Livewire contains a code injection vulnerability, which may allow an unauthenticated attacker to achieve remote command execution under certain circumstances.
- [CVE-2025-43510] Apple Multiple Products Improper Locking Vulnerability (CVSS v3.1: 7.8)
- [Ransomware Exploitation: Unknown] Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability, which may allow a malicious application to cause unexpected changes to memory shared between processes.
- [CVE-2025-43520] Apple Multiple Products Classic Buffer Overflow Vulnerability (CVSS v3.1: 5.5)
- [Ransomware Exploitation: Unknown] Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability, which may allow a malicious application to cause abnormal system termination or write to kernel memory.
- [CVE-2025-31277] Apple Multiple Products Buffer Overflow Vulnerability (CVSS v3.1: 8.8)
- [Ransomware Exploitation: Unknown] Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability; processing maliciously crafted web content may lead to memory corruption.
- Impacted Platforms:
- [CVE-2025-47813] Wing FTP Server versions prior to 7.4.4
- [CVE-2025-66376] Please refer to the official list of affected versions: https://wiki.zimbra.com/wiki/Security_Center
- [CVE-2026-20963] Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963
- [CVE-2026-20131] Please refer to the official list of affected versions: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
- [CVE-2025-32432] Please refer to the official list of affected versions: https://craftcms.com/knowledge-base/craft-cms-cve-2025-32432
- [CVE-2025-54068] Please refer to the official list of affected versions: https://github.com/livewire/livewire/security/advisories/GHSA-29cq-5w36-x7w3
- [CVE-2025-43510] Please refer to the official list of affected versions:
- [CVE-2025-43520] Please refer to the official list of affected versions:
- [CVE-2025-31277] Please refer to the official list of affected versions:
- Suggested Measures:
- [CVE-2025-47813] Upgrade the corresponding product to the following version (or higher): Wing FTP Server 7.4.4
- [CVE-2025-66376] The vendor has released a fix; update to the patched version listed at: https://wiki.zimbra.com/wiki/Security_Center
- [CVE-2026-20963] The vendor has released a fix; update to the patched version listed at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963
- [CVE-2026-20131] The vendor has released a fix; update to the patched version listed at: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
- [CVE-2025-32432] The vendor has released a fix; update to the patched version listed at: https://craftcms.com/knowledge-base/craft-cms-cve-2025-32432
- [CVE-2025-54068] The vendor has released a fix; update to the patched version listed at: https://github.com/livewire/livewire/security/advisories/GHSA-29cq-5w36-x7w3
- [CVE-2025-43510] The vendor has released a fix; update to the patched version listed at:
- [CVE-2025-43520] The vendor has released a fix; update to the patched version listed at:
- [CVE-2025-31277] The vendor has released a fix; update to the patched version listed at:
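As an added example (not part of the TWCERT/CC alert and not any vendor's code), the following Python script triages the nine KEV entries above against a constructed asset inventory. It ranks findings the way CISA's KEV guidance suggests (entries with known ransomware use first, then by CVSS) and, for Wing FTP Server, the only product whose fixed version the alert states, applies a component-wise version comparison so that 7.4.10 is correctly treated as newer than 7.4.4 (a plain string comparison gets this wrong). For the other products the alert only links to vendor advisories, so every matching asset is flagged for manual review rather than judged by version. The hostnames, installed versions, product keywords and the `triage` / `is_vulnerable` helpers are this example's own assumptions.

```python
"""KEV batch triage: prioritise patching from the nine entries listed in the alert.

Constructed example. The CVE data is copied from the alert text; the inventory
below is invented for demonstration.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class KevEntry:
    cve: str
    product: str                     # lowercase keyword matched against inventory product names
    cvss: float
    ransomware: str                  # "Yes" or "Unknown", exactly as the alert lists it
    fixed_version: Optional[str] = None  # only the alert's Wing FTP entry states a fixed version


# Constructed from the alert text above (CVSS v3.1 scores and ransomware flags as listed).
KEV_BATCH = [
    KevEntry("CVE-2025-47813", "wing ftp server", 4.3, "Unknown", "7.4.4"),
    KevEntry("CVE-2025-66376", "zimbra", 7.2, "Unknown"),
    KevEntry("CVE-2026-20963", "sharepoint", 8.8, "Unknown"),
    KevEntry("CVE-2026-20131", "cisco secure firewall management center", 10.0, "Yes"),
    KevEntry("CVE-2025-32432", "craft cms", 10.0, "Unknown"),
    KevEntry("CVE-2025-54068", "livewire", 9.8, "Unknown"),
    KevEntry("CVE-2025-43510", "apple", 7.8, "Unknown"),
    KevEntry("CVE-2025-43520", "apple", 5.5, "Unknown"),
    KevEntry("CVE-2025-31277", "apple", 8.8, "Unknown"),
]

# Invented inventory: (hostname, product name, installed version).
INVENTORY = [
    ("ftp01", "Wing FTP Server", "7.4.3"),    # below the fixed 7.4.4 -> vulnerable
    ("ftp02", "Wing FTP Server", "7.4.10"),   # newer than 7.4.4; string compare would wrongly flag it
    ("fmc01", "Cisco Secure Firewall Management Center", "7.6.0"),  # ransomware: Yes -> top of the list
    ("web01", "Craft CMS", "5.6.0"),          # version not assessable from the alert -> review
    ("mail01", "Postfix", "3.9"),             # not in this KEV batch -> no finding
]


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '7.4.10' into (7, 4, 10) so components compare numerically, not lexically."""
    return tuple(int(part) for part in version.split("."))


def is_vulnerable(installed: str, fixed: str) -> bool:
    """True when the installed version is strictly below the first fixed version."""
    return parse_version(installed) < parse_version(fixed)


def triage(inventory: List[Tuple[str, str, str]], batch: List[KevEntry] = KEV_BATCH) -> List[dict]:
    """Match inventory against the KEV batch and return findings, highest priority first.

    Priority: known ransomware exploitation first, then descending CVSS. A finding
    is dropped only when the alert gives a fixed version and the host already runs it.
    """
    findings = []
    for host, product, version in inventory:
        for entry in batch:
            if entry.product not in product.lower():
                continue
            if entry.fixed_version is not None:
                if not is_vulnerable(version, entry.fixed_version):
                    continue  # already at or above the fixed version
                action = f"upgrade to {entry.fixed_version} or later"
            else:
                action = "check the vendor advisory for affected versions"
            findings.append({
                "host": host, "product": product, "version": version,
                "cve": entry.cve, "cvss": entry.cvss,
                "ransomware": entry.ransomware, "action": action,
            })
    # False sorts before True, so ransomware == "Yes" comes first; then higher CVSS first.
    findings.sort(key=lambda f: (f["ransomware"] != "Yes", -f["cvss"]))
    return findings


if __name__ == "__main__":
    for f in triage(INVENTORY):
        print(f"{f['host']:7} {f['cve']:15} CVSS {f['cvss']:4} ransomware={f['ransomware']:7} {f['action']}")
```

Running the script lists fmc01 first despite Craft CMS sharing the same CVSS 10.0, because the Cisco entry is the only one in this batch with confirmed ransomware use; ftp02 produces no finding, which is the point of comparing version components rather than strings.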
Computer and Communication Center
Network Systems Division