<ul><li>U.S. CISA added Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog.</li><li>CISA also included Google Chromium, DrayTek routers, and SAP NetWeaver flaws in its Known Exploited Vulnerabilities catalog.</li><li>Some of the described flaws include authentication bypass, code injection, XSS vulnerabilities, and directory traversal vulnerabilities.</li><li>Ivanti released security updates for CVE-2025-4427 and CVE-2025-4428 in Endpoint Manager Mobile software to address remote code execution threats.</li></ul>

U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

Discover more