Digest of CISA KEV Additions
CVEs recorded by TopVuln for CISA KEV digest days 2026-04-27 – 2026-05-03 (week ending 2026-05-03).
Official CISA alerts:
https://www.cisa.gov/news-events/alerts/2026/04/28/cisa-adds-two-known-exploited-vulnerabilities-catalog
https://www.cisa.gov/news-events/alerts/2026/05/01/cisa-adds-one-known-exploited-vulnerability-catalog
(TopVuln is not affiliated with CISA.)
#1 ConnectWise ScreenConnect Path Traversal Vulnerability
CVE: CVE-2024-1708
CVSS: 8.4
Risk level: HIGH
Affected versions: ConnectWise ScreenConnect versions before 23.9.7, 22.9.10, 21.9.6
Summary: This flaw exists in ConnectWise ScreenConnect, a widely used enterprise remote access and IT support tool. A path traversal vulnerability allows unauthenticated remote attackers to access files outside of the intended restricted file system path. Successful exploitation can lead to remote code execution, unauthorized access to sensitive organizational data, and full system compromise.
Remediation: Administrators should immediately apply the official security patches released by ConnectWise for all affected ScreenConnect instances. If patching cannot be done immediately, block public exposure of ScreenConnect instances and restrict access to only trusted internal IP addresses. Monitor affected systems for suspicious or unauthorized activity to detect potential exploitation attempts.
Exploit info: This vulnerability is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog (dateAdded 2026-04-28). You may check Exploit-DB or GitHub for potential exploit details.
#2 Microsoft Windows Protection Mechanism Failure Vulnerability
CVE: CVE-2026-32202
CVSS: 4.3
Risk level: HIGH
Affected versions:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Summary: Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Remediation: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Exploit info: Not available in our cache.
#3 Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
CVE: CVE-2026-31431
CVSS: 7.8
Risk level: HIGH
Affected versions: Linux kernel versions containing commit 72548b093ee3 in the crypto algif_aead component
Summary: This vulnerability is an incorrect resource transfer issue in the Linux kernel's crypto algif_aead subsystem. The flaw stems from problematic in-place operation logic that can lead to local privilege escalation or system instability. A full fix is available via a kernel commit that reverts the problematic changes.
Remediation: Apply the official Linux kernel security update that includes the fix for this vulnerability. Test the update and deploy it to all affected Linux systems as soon as possible to address the flaw.
Exploit info: This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. You may check Exploit-DB or GitHub for potential exploit details.