- 1. CISA Adds One Known Exploited Vulnerability to Catalog (April 22, 2026)
- 2. Nuclei Templates v10.2.x: 57 CVEs, 10 Actively Exploited KEVs
1. CISA Adds One Known Exploited Vulnerability to Catalog (April 22, 2026)
WhatCISA added a new CVE to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to patch within prescribed timelines under BOD 22-01.
Source[CISA Alert – April 22, 2026](www.cisa.gov)
Applies toGeneral – all organizations using affected software.
Why it mattersExploitation is confirmed in the wild; failure to patch invites real-world compromise.
2. Nuclei Templates v10.2.x: 57 CVEs, 10 Actively Exploited KEVs
WhatNew Nuclei templates cover 57 CVEs (including 10 from the KEV catalog) and add GCP cloud configuration review templates.
Source[ProjectDiscovery Blog – Nuclei Templates](projectdiscovery.io)
Applies toGeneral – any organization using Nuclei for vulnerability scanning.
Why it mattersUpdates enable immediate detection of high-severity and actively exploited vulnerabilities.
Is your WordPress site exposed to threats like these?
Arc is an AI security agent that watches your site 24/7 and patches vulnerabilities before attackers find them.
Scan your site free →