[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-cisa-adds-six-new-exploited-cves-to-kev-catalog-in-june":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":38,"persona_id":22,"persona_name":22,"section":22,"tags":39,"sources":43,"feedback":51,"feedback_at":22,"cost_usd":51,"total_tokens":51},998,"cisa-adds-six-new-exploited-cves-to-kev-catalog-in-june","CISA adds six new exploited CVEs to KEV catalog in June","Six vulnerabilities ranging from router software to Android were flagged for immediate remediation under federal directives.","CISA updated its Known Exploited Vulnerabilities catalog with six CVEs in June.\n\nThe agency announced three separate additions. On June 2, it listed CVE‑2022‑0492, a Linux kernel authentication flaw, and CVE‑2025‑48595, an Android framework integer overflow. A week later, CISA added CVE‑2026‑42271, a command‑injection issue in BerriAI LiteLLM, and CVE‑2026‑50751, an improper authentication bug in Check Point Security Gateway. The final batch on June 15 included CVE‑2026‑20262, a path‑traversal defect in Cisco Catalyst SD‑WAN Manager, and CVE‑2026‑54420, a symlink vulnerability in LiteSpeed’s cPanel plugin.\n\nEach entry meets CISA’s criteria: a CVE identifier, public evidence of active exploitation, and clear mitigation steps. Federal agencies must treat these as high‑priority fixes under Binding Operational Directive 22‑01, which mandates remediation by a set deadline, and under the newer BOD 26‑04 for agencies that adopt risk‑based patching. CISA also urges private firms to follow the same fast‑track approach.\n\nIn short, the six June CVEs span networking gear, cloud‑hosted software, AI tooling, and mobile platforms. Because they are known to be exploited in the wild, they force both government and commercial vulnerability managers to push patches now rather than later, reducing the attack surface that threat actors can weaponize.","[\"cybersecurity\",\"cve\",\"vulnerability-management\"]","2026-06-02T12:00:00.000Z","2026-06-16T03:08:45.020Z","2026-06-16T03:09:18.368Z","published",null,[24,30,34],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"The article misstates the number of CVEs added (claims nine but sources only list six) and mixes CVEs from different advisories without clear attribution; fix the count and ensure each CVE is correctly sourced.","resolved",{"id":31,"reviewer":26,"round":32,"reason":33,"status":29},"editor-r2",2,"Add a brief concluding paragraph summarizing the June additions and their relevance for federal and private sector vulnerability management.",{"id":35,"reviewer":26,"round":36,"reason":37,"status":29},"editor-r3",3,"Add a concise concluding paragraph that recaps the six June CVEs and explains why they matter for federal and private‑sector vulnerability management.","https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fcisa-adds-six-new-exploited-cves-to-kev-catalog-in-june.webp",[40,41,42],"cybersecurity","cve","vulnerability-management",[44,47,49],{"name":45,"url":46},"CISA Advisories","https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Falerts\u002F2026\u002F06\u002F15\u002Fcisa-adds-two-known-exploited-vulnerabilities-catalog",{"name":45,"url":48},"https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Falerts\u002F2026\u002F06\u002F08\u002Fcisa-adds-two-known-exploited-vulnerabilities-catalog",{"name":45,"url":50},"https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Falerts\u002F2026\u002F06\u002F02\u002Fcisa-adds-two-known-exploited-vulnerabilities-catalog",0]