Updated CISA vulnerabilities catalog adds Chrome, Zimbra, Windows, ThreatSonar flaws

The Cybersecurity and Infrastructure Security Agency has included four flaws impacting the TeamT5 ThreatSonar Anti-Ransomware software, the Zimbra Collaboration Suite, the Microsoft Windows Video ActiveX Control utility, and Google Chrome in its Known Exploited Vulnerabilities list, The Hacker News reports.

The vulnerabilities include the high-severity Chrome use-after-free bug, tracked as CVE-2026-2441, which could allow heap corruption through a crafted HTML page, and the high-severity ThreatSonar Anti-Ransomware issue, tracked as CVE-2024-7694, which enables malicious file uploads and command execution. Also added to the KEV catalog were the critical ZCS server-side request forgery defect, tracked as CVE-2008-0015, which allows remote code execution through a specially crafted webpage, and the high-severity Windows Video ActiveX Control flaw, tracked as CVE-2020-7796, which permits unauthorized data access via server-side request forgery requests.

While researchers have not yet determined how the ThreatSonar flaw is being used in attacks, Google has confirmed active exploitation of CVE-2026-2441. On the other hand, nearly 400 IP addresses have been observed exploiting CVE-2020-7796 across multiple countries. Microsoft warned that the older flaw can download malware such as the Dogkild worm, which can run additional files, alter the Windows Hosts file, and disable security processes. Federal civilian executive branch agencies have been urged to apply fixes by Mar. 10.