The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasaddedtwo-years-old security flaws impacting TIBCO Software’s JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked asCVE-2018-5430(CVSS score: 7.7) andCVE-2018-18809(CVSS score: 9.9), were addressed by TIBCO in April 2018 and March 2019,