The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalogue with four critical security flaws affecting widely-used enterprise software and development tools.
All vulnerabilities were added on January 22, 2026, with a standardized deadline of February 12, 2026, requiring federal agencies and critical infrastructure operators to implement patches or mitigations.
The additions reflect active exploitation patterns across multiple attack vectors, from supply chain compromises to infrastructure orchestration platforms.
Organizations using affected products must prioritize remediation to prevent unauthorized access, data exfiltration, and potential lateral movement within their networks.
| Vendor | Product | CVE ID | Vulnerability Type | Severity |
|---|---|---|---|---|
| Prettier | eslint-config-prettier | CVE-2025-54313 | Embedded Malicious Code (CWE-506) | Critical |
| Vite | Vitejs | CVE-2025-31125 | Improper Access Control (CWE-200, CWE-284) | Critical |
| Versa | Concerto SD-WAN | CVE-2025-34026 | Improper Authentication (CWE-288) | Critical |
| Synacor | Zimbra Collaboration Suite | CVE-2025-68645 | PHP Remote File Inclusion (CWE-98) | Critical |
Affected Products and Vulnerability Details
Organizations must immediately audit systems running affected software versions.
For Prettier eslint-config-prettier and Vite Vitejs, developers should review package dependencies, revert to patched versions, and audit CI/CD logs for suspicious activity.
Versa Concerto deployments require credential rotation and network segmentation analysis, particularly for systems exposing administrative interfaces.
Zimbra administrators must apply vendor-provided security updates and implement web application firewall rules to restrict access to vulnerable endpoints.
CISA emphasises compliance with Binding Operational Directive 22-01 for federal agencies utilising cloud services.
Organizations should coordinate patch deployment across development, staging, and production environments while monitoring for signs of exploitation including unexpected process execution, unauthorized file access, and unusual authentication patterns.
The expanded KEV Catalog underscores the convergence of development tool compromise and infrastructure vulnerabilities, necessitating coordinated incident response and proactive patch management across the entire software supply chain.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.