
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

Source: thehackernews.com | Date: 2026-06-10 | Category: AI supply chain | Severity: High

What Happened

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation. The list of vulnerabilities is as follows - CVE-2026-20245 (CVSS score: 7.8) - An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an

Why It Matters

The article reports that CISA added three actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-20245 in Cisco Catalyst SD-WAN Manager, CVE-2026-11645 in Google Chrome's V8 engine, and CVE-2026-7473 in Arista EOS. U.S. federal agencies were ordered to apply fixes or mitigations by June 23, 2026.[1][4][5] The reported impact is command execution as root on Cisco SD-WAN Manager, remote code execution in Chromium-based browsers, and improper decapsulation and forwarding of unexpected tunneled traffic on Arista switches.[1][4][5]

From a CyberSE.AI perspective, this is an AI supply chain signal because AI agents and models typically run on top of exactly these layers: browsers as an agent's tool surface, SD-WAN as the transport between sites and cloud, and data-center switching under training and inference clusters. A compromise at any of them can corrupt training data in transit, exfiltrate model outputs, or hijack agent actions. Organizations should fold KEV-driven patching into their AI SBOM and dependency management, track the KEV due date for each affected asset, and include network and endpoint hardening for Chrome- and SD-WAN-based AI workflows in AI security readiness planning.
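As an added example (not code from the article, CISA, or CyberSE.AI) of folding KEV-driven patching into AI dependency management, the Python below cross-references a constructed KEV excerpt, laid out like CISA's public KEV JSON feed, against a hypothetical inventory of assets tagged with the AI workflows that depend on them. It produces a due-date-ordered worklist, a per-workflow view of which CVEs sit in each workflow's dependency chain, and the list of assets the catalog did not touch. The asset names, workflow tags, the PRODUCT_ALIASES table and the dateAdded/requiredAction strings are assumptions; only the three CVEs, vendors, products and the June 23, 2026 due date come from the article.

```python
"""Cross-reference a CISA KEV snapshot against the components AI workflows depend on.

Added example, not CyberSE.AI's or CISA's code. KEV_JSON follows the field layout of
CISA's public KEV feed ("vulnerabilities" entries with cveID, vendorProject, product,
dateAdded, dueDate, requiredAction); the entries are constructed, with only the CVE
IDs, vendors, products and 2026-06-23 due date taken from the article. INVENTORY is
a hypothetical asset list; asset names and workflow tags are invented.
"""
import json
from datetime import date

KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2026-20245", "vendorProject": "Cisco",
         "product": "Catalyst SD-WAN Manager", "dateAdded": "2026-06-09",
         "dueDate": "2026-06-23",
         "requiredAction": "Apply mitigations per vendor instructions."},
        {"cveID": "CVE-2026-11645", "vendorProject": "Google",
         "product": "Chromium V8", "dateAdded": "2026-06-09",
         "dueDate": "2026-06-23",
         "requiredAction": "Apply mitigations per vendor instructions."},
        {"cveID": "CVE-2026-7473", "vendorProject": "Arista",
         "product": "EOS", "dateAdded": "2026-06-09",
         "dueDate": "2026-06-23",
         "requiredAction": "Apply mitigations per vendor instructions."},
    ],
})

# Constructed inventory: each entry names the AI workflows that ride on the asset.
INVENTORY = [
    {"asset": "sdwan-mgr-01", "vendor": "Cisco", "product": "Catalyst SD-WAN Manager",
     "workflows": ["agent-egress-transport"]},
    {"asset": "agent-browser-pool", "vendor": "Google", "product": "Chrome",
     "workflows": ["web-research-agent"]},
    {"asset": "dc-leaf-07", "vendor": "Arista", "product": "EOS",
     "workflows": ["training-data-ingest"]},
    {"asset": "vector-db-01", "vendor": "ExampleCo", "product": "VectorStore",
     "workflows": ["rag-retrieval"]},
]

# Inventory naming rarely matches KEV naming exactly; this assumed alias table maps an
# inventory product name to catalog names that should count as the same product.
PRODUCT_ALIASES = {
    "chrome": {"chromium", "chromium v8"},
}


def _norm(text):
    """Lower-case and collapse whitespace so names compare loosely."""
    return " ".join(text.lower().split())


def product_matches(inventory_product, kev_product):
    """True when the KEV product names the inventory product (exact, substring or alias)."""
    inv, kev = _norm(inventory_product), _norm(kev_product)
    if inv == kev or inv in kev or kev in inv:
        return True
    return any(alias == kev or alias in kev for alias in PRODUCT_ALIASES.get(inv, ()))


def kev_worklist(kev_json, inventory, today_iso):
    """Return one work item per (asset, KEV CVE) pair, most urgent first."""
    today = date.fromisoformat(today_iso)
    entries = json.loads(kev_json)["vulnerabilities"]
    work = []
    for asset in inventory:
        for entry in entries:
            if _norm(entry["vendorProject"]) != _norm(asset["vendor"]):
                continue
            if not product_matches(asset["product"], entry["product"]):
                continue
            due = date.fromisoformat(entry["dueDate"])
            work.append({
                "asset": asset["asset"],
                "cve": entry["cveID"],
                "due": entry["dueDate"],
                "days_left": (due - today).days,
                "overdue": due < today,
                "workflows": list(asset["workflows"]),
                "action": entry["requiredAction"],
            })
    # Earliest deadline first; ties broken by asset name for stable output.
    work.sort(key=lambda w: (w["days_left"], w["asset"]))
    return work


def unmatched_assets(kev_json, inventory, today_iso):
    """Assets with no KEV hit: not 'safe', just out of scope for this catalog run."""
    flagged = {w["asset"] for w in kev_worklist(kev_json, inventory, today_iso)}
    return [a["asset"] for a in inventory if a["asset"] not in flagged]


def workflows_at_risk(worklist):
    """Map each AI workflow to the sorted KEV CVEs in its dependency chain."""
    risk = {}
    for item in worklist:
        for wf in item["workflows"]:
            risk.setdefault(wf, set()).add(item["cve"])
    return {wf: sorted(cves) for wf, cves in risk.items()}


if __name__ == "__main__":
    items = kev_worklist(KEV_JSON, INVENTORY, "2026-06-10")
    for w in items:
        flag = "OVERDUE" if w["overdue"] else f"{w['days_left']}d left"
        print(f"{w['asset']:20} {w['cve']:16} due {w['due']} ({flag}) -> {', '.join(w['workflows'])}")
    print("workflows at risk:", workflows_at_risk(items))
    print("not matched:", unmatched_assets(KEV_JSON, INVENTORY, "2026-06-10"))
```

The KEV catalog carries no affected-version ranges, so the match is deliberately at vendor/product level: every hit is a candidate that still has to be confirmed against the vendor advisory and the asset's actual version before it is closed, and the alias table is where you record the naming mismatches you discover along the way. Run it against a fresh download of the real feed and your own inventory by replacing the two constructed inputs.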

Sectors: Healthcare, Fintech, SaaS, SMB, AI startups

CyberSE Analysis

This signal maps to AI supply chain. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether a compromised browser, SD-WAN controller, or data-center switch in the path of those workflows could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Patch or mitigate CVE-2026-20245, CVE-2026-11645, and CVE-2026-7473 on every SD-WAN Manager, Chromium-based browser, and Arista EOS device that AI workflows depend on, and track the June 23, 2026 KEV due date even if you are not a federal agency.
  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against workflows that use the affected browsers and network paths.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://thehackernews.com/2026/06/cisa-adds-cisco-chrome-and-arista-flaws.html
