CISA has added four newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog: CVE-2024-7399 (Samsung MagicINFO path traversal), CVE-2024-57726 (SimpleHelp missing authorization), CVE-2024-57728 (SimpleHelp path traversal), and CVE-2025-29635 (D-Link DIR-823X command injection). CISA urges all organizations to prioritize remediation of these vulnerabilities as part of vulnerability management practices to reduce exposure to active cyberattacks.