The US Cybersecurity and Infrastructure Security Agency has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog, including multiple flaws in Apple products and critical code injection vulnerabilities in Craft CMS and Laravel Livewire. Federal agencies are required to patch these by specified deadlines, and CISA is urging all organizations to prioritize remediation as part of vulnerability management practice.