CISA has added CVE-2009-0238, a 17-year-old critical Excel remote code execution vulnerability, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation. The flaw, originally patched in 2009, allows attackers to execute arbitrary code by tricking victims into opening a maliciously crafted Excel file. Federal agencies have been given a two-week deadline to patch. Also added to the KEV catalog is CVE-2026-32201, a SharePoint Server spoofing zero-day patched in April 2026's Patch Tuesday, which enables attackers to manipulate displayed information and could be leveraged in phishing campaigns.