CISA KEV Intelligence Briefing — 2026-03-21
The Cybersecurity and Infrastructure Security Agency (CISA) has added 5 new vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog. These represent active exploitation in the wild and require immediate attention from enterprise security teams.
Critical CVEs Added
- CVE-2025-32432 — Craft CMS Code Injection Vulnerability (Craft CMS / Craft CMS). Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due: 2026-04-03
- CVE-2025-54068 — Laravel Livewire Code Injection Vulnerability (Laravel / Livewire). Laravel Livewire contains a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due: 2026-04-03
- CVE-2025-43510 — Apple Multiple Products Improper Locking Vulnerability (Apple / Multiple Products). Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due: 2026-04-03
- CVE-2025-43520 — Apple Multiple Products Classic Buffer Overflow Vulnerability (Apple / Multiple Products). Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability that could allow a malicious application to cause unexpected system termination or write kernel memory. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due: 2026-04-03
- CVE-2025-31277 — Apple Multiple Products Buffer Overflow Vulnerability (Apple / Multiple Products). Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability in which processing maliciously crafted web content may lead to memory corruption. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due: 2026-04-03
FLLC Recommended Actions
- Patch immediately — Apply vendor-provided patches for all listed products.
- Verify exposure — Audit your asset inventory against affected vendors and products.
- Enable threat detection — Ensure your EDR and SIEM have detection content and indicators for these CVEs.
- Review CISA deadlines — Federal agencies have binding operational directives; enterprises should adopt equivalent urgency.
Resources
This briefing is auto-generated by the FLLC CVE Monitor pipeline. All data sourced from CISA KEV.