The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. Thethree vulnerabilitiesare as follows -
CVE-2023-28432(CVSS score - 7.5) - MinIO Information Disclosure Vulnerability CVE-2023-27350(CVSS score - 9.8) - PaperCut MF/NG Improper Access Control