Browse all 12 CVE security advisories affecting CISA. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Cybersecurity and Infrastructure Security Agency (CISA) serves as the nation's risk advisor for critical infrastructure protection, focusing on safeguarding essential systems from cyber threats. Historically, common vulnerabilities affecting CISA systems include remote code execution, cross-site scripting, and privilege escalation flaws, with 12 CVEs currently documented. While CISA maintains robust security protocols, notable incidents include the 2020 breach attributed to foreign actors compromising its networks. The agency continuously enhances its defensive posture to protect federal systems and provide cybersecurity guidance to public and private sectors, addressing evolving threats to national infrastructure security.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67634 | Software Acquisition Guide Supplier Response Web Tool XSS — Software Acquisition Guide ToolCWE-79 | 4.4 | Medium | 2025-12-12 |
This page lists every published CVE security advisory associated with CISA. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.