The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in Fortinet's FortiOS/FortiProxy and a GitHub Action to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities, which are critical in nature, have drawn attention because of their potential for exploitation. Additionally, a critical remote code execution vulnerability (CVE-2025-23120), rated 9.9 on the CVSS scale, was discovered in Veeam Backup & Replication. Veeam has since released a patch to address this flaw. CISA also flagged a vulnerability in NAKIVO Backup & Replication that is being actively exploited, with details indicating that it could allow unauthorized access to sensitive data. Furthermore, vulnerabilities in Cisco's Smart Licensing Utility have been identified, and hackers are actively exploiting them. The vulnerabilities in question are rated 9.8 and pose serious risks, including access to admin credentials and APIs. Organizations are urged to update their systems promptly to mitigate these risks.
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility: https://t.co/aGRFIrMXef by The Hacker News #infosec #cybersecurity #technology #news
The @CISAgov added a high-severity bug in GitHub Action tj-actions/changed-files to its Known Exploited Vulnerabilities (KEV) catalog. #cybersecurity #infosec #ITsecurity https://t.co/p2Lumuiy87
🔥 Hardcoded admin logins. Leaky debug logs. Cisco Smart Licensing Utility is under fire. Hackers are actively exploiting CVE-2024-20439 & CVE-2024-20440—both rated 9.8. Access to admin creds & APIs is on the line. See the full story 👉 https://t.co/MPIrj800Gr