CISA added CVE-2025-53521 (F5 BIG-IP Remote Code Execution) to the Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. This vulnerability is subject to BOD 22-01 remediation requirements for Federal Civilian Executive Branch agencies, and CISA urges all organizations to prioritize patching as part of vulnerability management practices.