CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

Another zero-day added to CISA’s KEV list on Thursday is CVE-2026-20700, a buffer overflow vulnerability that Apple has just patched, warningit has been exploitedin an extremely sophisticated attack.Another newly disclosed vulnerability that has made it to CISA’s KEV list is CVE-2025-15556, an update integrity verification flaw in Notepad++ patched in early February.Rooted in the lack of cryptographic verification of downloaded update metadata and installers, the issue affects Notepad++ deployments using the WinGUp updater and could allow attackers to intercept update traffic and supply modified installers, achieving arbitrary code execution.China-linked hackers were seenexploiting the flaw for initial accessin attacks that likely started in June 2025. Rapid7 has attributed the campaign to the cyberespionage group tracked as Lotus Blossom.The fourth CVE added to CISA’s KEV list on Thursday is CVE-2024-43468, a critical-severity RCE flaw in Microsoft Configuration Manager that wasresolved in October 2024.It is described as an SQL injection bug that can be exploited without authentication or user interaction via specially crafted requests.Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Another newly disclosed vulnerability that has made it to CISA’s KEV list is CVE-2025-15556, an update integrity verification flaw in Notepad++ patched in early February.Rooted in the lack of cryptographic verification of downloaded update metadata and installers, the issue affects Notepad++ deployments using the WinGUp updater and could allow attackers to intercept update traffic and supply modified installers, achieving arbitrary code execution.China-linked hackers were seenexploiting the flaw for initial accessin attacks that likely started in June 2025. Rapid7 has attributed the campaign to the cyberespionage group tracked as Lotus Blossom.The fourth CVE added to CISA’s KEV list on Thursday is CVE-2024-43468, a critical-severity RCE flaw in Microsoft Configuration Manager that wasresolved in October 2024.It is described as an SQL injection bug that can be exploited without authentication or user interaction via specially crafted requests.Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Rooted in the lack of cryptographic verification of downloaded update metadata and installers, the issue affects Notepad++ deployments using the WinGUp updater and could allow attackers to intercept update traffic and supply modified installers, achieving arbitrary code execution.China-linked hackers were seenexploiting the flaw for initial accessin attacks that likely started in June 2025. Rapid7 has attributed the campaign to the cyberespionage group tracked as Lotus Blossom.The fourth CVE added to CISA’s KEV list on Thursday is CVE-2024-43468, a critical-severity RCE flaw in Microsoft Configuration Manager that wasresolved in October 2024.It is described as an SQL injection bug that can be exploited without authentication or user interaction via specially crafted requests.Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

China-linked hackers were seenexploiting the flaw for initial accessin attacks that likely started in June 2025. Rapid7 has attributed the campaign to the cyberespionage group tracked as Lotus Blossom.The fourth CVE added to CISA’s KEV list on Thursday is CVE-2024-43468, a critical-severity RCE flaw in Microsoft Configuration Manager that wasresolved in October 2024.It is described as an SQL injection bug that can be exploited without authentication or user interaction via specially crafted requests.Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

The fourth CVE added to CISA’s KEV list on Thursday is CVE-2024-43468, a critical-severity RCE flaw in Microsoft Configuration Manager that wasresolved in October 2024.It is described as an SQL injection bug that can be exploited without authentication or user interaction via specially crafted requests.Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

It is described as an SQL injection bug that can be exploited without authentication or user interaction via specially crafted requests.Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Proof-of-concept (PoC) code targeting CVE-2024-43468 has been publicly available for over a year, but there appear to have been no reports of it being exploited in attacks prior to CISA’s warning.CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

CISA has given federal agencies three weeks to apply patches for the Apple, Microsoft, and Notepad++ vulnerabilities.Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Related:Chrome 145 Patches 11 VulnerabilitiesRelated:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Related:Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMDRelated:6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 UpdatesRelated:Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Source: SecurityWeek