CISA added four actively exploited vulnerabilities to its KEV catalog: a PHP remote file inclusion flaw in Zimbra Collaboration Suite, an authentication bypass in Versa Concerto SD-WAN, an improper access control issue in Vite, and embedded malicious code in eslint-config-prettier from a supply chain attack. The eslint
Sort: