CISA Adds Actively Exploited SimpleHelp Vulnerability to KEV Catalog
ID: e93e246a-af67-5498-8798-0dba5ac04ad5
STIX ID: report--e93e246a-af67-5498-8798-0dba5ac04ad5
Feed Name: GBHackers
Threat Score
CISA has added a critical SimpleHelp vulnerability (CVE-2026-48558) to its KEV catalog: improper verification of OIDC identity token signatures enables unauthenticated attackers to forge tokens, bypass authentication (and in some configurations MFA), and gain technician-level remote access; CISA directs immediate remediation under BOD 26‑04 with a short remediation window.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
