CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

Eric Geller

29 May 2026

2 min

PME 2 3

BLUF

The Cybersecurity and Infrastructure Security Agency (CISA) added exploited vulnerabilities in a remote access tool and Windows Shell to its catalogue, confirming active attacker use for remote code execution in global cyber campaigns.

Learning Outcomes:

Understand the significance of inclusion in CISA’s Known Exploited Vulnerabilities (KEV) catalogue as an indicator of active real-world exploitation.
Assess how remote-access and system-shell vulnerabilities enable privilege escalation, code execution, and identity impersonation.

READ: CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

References

Cyber Security Drive: High factual reporting
COLLECTIONS/The Runway (airforce.gov.au)
RAAF RUNWAY: RATIONALE GUIDELINES LEARNING OUTCOMES

CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

BLUF

References

Related articles

Microsoft outlines ambitious post-quantum plans, but challenges remain

NIST will test three major tech firms’ frontier AI models for cybersecurity risks

How authoritarian propaganda presents Indonesian protests as foreign-instigated

ASIO warns defence industry