• Category: Security
  • Status: confirmed
  • Sources: CISA KEV catalog
  • Summary: The CISA Known Exploited Vulnerabilities catalog advanced to version 2026.06.23 (count 1627). The 2026-06-23 batch added the three Ubiquiti UniFi OS Server flaws (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910; covered in Top stories) plus CVE-2025-67038 in the Lantronix EDS5000 industrial device server. No additional developer-facing CVE was added past the Splunk Enterprise CVE-2026-20253 entry (2026-06-18).
  • Why it matters: Network-edge and device-server appliances dominate this batch, where unauthenticated exposure on the management plane is the common risk.
  • Follow-up: Watch for further KEV additions and any developer-infrastructure CVEs.

Send feedback on this story