<ul><li>U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog.</li><li>Critical vulnerabilities including OS command injection in DrayTek routers and insufficient policy enforcement in Google Chromium were added to the catalog.</li><li>A flaw in SAP NetWeaver allows privileged users to upload malicious content, posing risks to system confidentiality, integrity, and availability.</li><li>Federal agencies are required to fix the vulnerabilities by June 5, 2025, to protect their networks from potential attacks exploiting the identified flaws.</li></ul>

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

Discover more