The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog: flaws in Daemon Tools Lite, TanStack, and Nx Console. Federal agencies are required to patch these vulnerabilities under Binding Operational Directive 22-01, and CISA recommends all organizations prioritize remediation as part of their vulnerability management.