Heise.De
Active Exploitation of Vulnerabilities in Ivanti and SolarWinds Products
First seen 10 Mar 2026, 08:09 UTC
•



+6
•78% similarity
•69.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding active exploitation of vulnerabilities in Ivanti Endpoint Manager, SolarWinds Web Help Desk, and VMware Workspace ONE. The vulnerabilities include CVE-2025-26399, CVE-2026-1603, and CVE-2021-22054, all of which have been added to CISA's Known Exploited Vulnerabilities (KEV) list as of March 9, 2026.
ThreatCluster AI
Timeline
2021-12-17
CVE-2021-22054 published
2025-09-23
CVE-2025-26399 published and first public PoC released
2026-02-10
CVE-2026-1603 published
2026-03-09
CVE-2025-26399, CVE-2026-1603, CVE-2021-22054 added to CISA KEV