CISA adds Microsoft Windows vulnerability CVE-2026-20805 to KEV catalog | brief | SC Media
SC Media, archived Mar 17, 2026
As detailed in Security Affairs, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog. This action highlights the ongoing threat posed by actively exploited security flaws in widely used operating systems.
The vulnerability, identified as CVE-2026-20805, affects the Windows Desktop Window Manager and allows attackers to leak small pieces of memory information. While not directly enabling code execution, this information disclosure can be used to bypass security measures and facilitate more severe exploits. This flaw was among 114 vulnerabilities addressed in Microsoft's January 2026 Patch Tuesday updates. Although Microsoft has not disclosed details of the attacks, CISA's inclusion of the CVE in the KEV catalog signifies active exploitation in the wild.
CISA has mandated that federal agencies remediate this vulnerability by February 3, 2026, under Binding Operational Directive 22-01. This directive underscores the urgency for organizations to monitor the KEV catalog and prioritize patching actively exploited vulnerabilities to mitigate significant risks.
Source: Security Affairs