CSTI
    vulnerabilityThe Mobile Era (2020-Present) Daily Briefing Landmark Event

    CISA Flags Two Critical Vulnerabilities Amidst Ongoing Attacks

    Tuesday, March 3, 2026

    CISA Flags Two Critical Vulnerabilities Amidst Ongoing Attacks

    On March 3, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added two significant vulnerabilities to its Known Exploited Vulnerabilities catalog, indicating active exploitation. The first, CVE-2026-21385, is a memory corruption vulnerability affecting Qualcomm chipsets, which has been confirmed as a high-severity zero-day in recent Android updates. The second, CVE-2026-22719, is a command injection vulnerability found in VMware Aria Operations. Both vulnerabilities present serious risks, especially in environments where these systems are prevalent. In a related development, Google disclosed a critical Android security update that patched 129 vulnerabilities, including CVE-2026-21385, marking one of the largest patch releases in recent history.

    Additionally, LexisNexis reported a significant data breach, where hackers exploited an unpatched vulnerability in a React application to steal 2GB of sensitive data affecting legal and government clients. Meanwhile, Iranian cyber groups have ramped up coordinated attacks on critical infrastructure through phishing tactics. These developments underscore the urgency for organizations to prioritize patch management and enhance security protocols to mitigate risks.

    Also In Security Today

    • Android Security Update: Google has released a critical update addressing 129 vulnerabilities, including CVE-2026-21385, marking one of the largest patch rollouts in years. Read more.
    • LexisNexis Data Breach: A breach was confirmed by LexisNexis after hackers exploited a vulnerable application, exfiltrating sensitive legal and government client data. Read more.
    • Iranian Cyber Attacks: Coordinated attacks on critical infrastructure were launched by Iranian cyber groups using phishing tactics to distribute malware, highlighting ongoing geopolitical tensions. Read more.

    Analyst's Take

    Today's updates reveal a concerning trend in active exploitation of vulnerabilities, particularly with CISA's latest additions. Organizations must prioritize immediate patching of affected systems, especially for critical vulnerabilities like CVE-2026-21385 and CVE-2026-22719. The significant leak from LexisNexis serves as a reminder of the consequences of unpatched applications. As nation-state actors continue to target critical infrastructure, security teams should enhance threat detection capabilities and employee training on recognizing phishing attempts. The landscape is shifting rapidly, and proactive measures are essential to mitigate these evolving threats.

    Sources

    CVE-2026-21385 CVE-2026-22719 data breach cyberattack patch management