The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasaddedthree flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The security vulnerabilities are as follows -
CVE-2023-1389(CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability CVE-2021-45046(CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted