The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2addedtwo security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The first of the two vulnerabilities isCVE-2022-21587(CVSS score: 9.8), a critical issue impacting versions 12.2.3 to 12.2.11 of the Oracle Web Applications Desktop Integrator product. “Oracle