CISA has included two new vulnerabilities in its Known Exploited Vulnerabilities Catalog, CVE-2024-4947 for Google Chromium V8 Type Confusion Vulnerability and CVE-2023-43208 for NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability. These vulnerabilities are considered high risks for cyber attacks, prompting the implementation of Binding Operational Directive 22-01 to address them. While this directive applies to Federal Civilian Executive Branch agencies, CISA strongly advises all organizations to prioritize the timely remediation of these vulnerabilities to enhance their cybersecurity posture
CISA will continue to update the catalog with vulnerabilities meeting the defined criteria. ```https://www.cisa.gov/news-events/alerts/2024/05/20/cisa-adds-two-known-exploited-vulnerabilities-catalog