CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

2026-04-14

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

CISA has added six actively exploited security vulnerabilities to its Known Exploited Vulnerabilities catalog, affecting Fortinet, Microsoft, and Adobe products.

•CVE-2026-21643 (CVSS 9.1) is an SQL injection in Fortinet FortiClient EMS enabling unauthenticated remote code execution, with exploitation confirmed since March 24, 2026.
•CVE-2023-21529 (CVSS 8.8) is a deserialization flaw in Microsoft Exchange Server being weaponized by Storm-1175 to deliver Medusa ransomware.
•CVE-2020-9715 (CVSS 7.8) is a use-after-free vulnerability in Adobe Acrobat Reader causing remote code execution.
•CVE-2025-60710 (CVSS 7.8) and CVE-2023-36424 (CVSS 7.8) enable privilege escalation in Windows components through improper link resolution and out-of-bounds reads.
•

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

Privacy-first connections: Empowering social experiences at Airbnb

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud