Apr 14, 2026highexploitationexploited in the wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation: a Microsoft Office Remote Code Execution flaw (CVE-2009-0238) and a Microsoft SharePoint Server Improper Input Validation vulnerability (CVE-2026-32201). Federal agencies are required to patch these by a set deadline, and all organizations are strongly urged to remediate them promptly. Developers and admins running Microsoft Office or SharePoint should prioritize applying available patches immediately given confirmed active exploitation.

what's affectedCISA Adds Two Known Exploited Vulnerabilities to Catalog

mitigation statusMonitoring updates

first reportedApr 14, 2026

social pulse

mentions (24h)969

velocitytrend up

mentions delta+6% vs yesterday

platform splitX 60% · Reddit 16% · GitHub 24%

keywords

exploitationvulnerabilitymitigation

x analyticsheat 0

authors 0verified 0%

likes0

retweets0

replies0

quotes0

summaryConversation is accelerating with active-response chatter and exploit validation.

sources

https://www.cisa.gov/news-events/alerts/2026/04/14/cisa-adds-two-known-exploited-vulnerabilities-catalog

Curated Apr 14, 2026 by the ahackaday team./Sources verified./Brief grounded in 1 source.

Grace Your AI security internreadyGrace is ready

Grounded in this brief only — CISA Adds Two Known Exploited Vulnerabilities to Catalog. Press ⌘K any time.

You're answering aschange anytime

Pick a playor type your own ↓

Tone

Pick a play above, or type your question

Generate an answer and Grace will return a grounded response for this incident.

scanning advisory feeds…