CISA Adds Five Vulnerabilities to KEV Catalog Including Microsoft Office Zero-Day
New additions include CVE-2026-21509 actively exploited by APT28, a Linux kernel flaw from 2018, and SmarterMail vulnerabilities. Federal agencies face February 16 remediation deadline.