As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...

In early 2016, the Federal Bureau of Investigation reportedly paid more than $1.3 million for a software flaw that allowed it ...

And almost 50 more than last month.

Software supply chain startup NetRise Inc. today announced a major update to its platform aimed at improving how organizations identify and manage vulnerabilities in the software running on devices ...

Cisco fixes actively exploited CVE-2026-20045 zero-day enabling unauthenticated RCE in Unified CM and Webex; CISA sets Feb 11, 2026 deadline.

Mondoo Inc. is pitching its capabilities as the first “agentic vulnerability management” platform to not only categorize but entirely eliminate threats in software after raising $17.5 million in ...

HOUSTON, May 15, 2025 /PRNewswire/ -- Action1, a leading provider of autonomous endpoint management (AEM) solutions, today released its 2025 Software Vulnerability Ratings Report, revealing a 61% year ...

The bugs could allow an attacker to take over an affected system for their own purposes, or to crash the software, causing a ...