The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasaddedthree security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below -
CVE-2022-35914(CVSS score: 9.8) - Teclib GLPI Remote Code Execution Vulnerability CVE-2022-33891(CVSS score: 8.8) - Apache Spark Command Injection Vulnerability