
Threat Advisory

Active vulnerability alerts and security advisories for UK businesses. Curated from NCSC and CISA intelligence feeds.

[ LAST UPDATED: 26 March 2026 at 17:39 UTC ]

Active UK Advisories

Why this matters to your business: The NCSC issues alerts when vulnerabilities are being actively exploited against UK organisations. If you use any of the affected products below, patching should be treated as urgent.
NCSC WED, 25 MAR 2026

Vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway

Read NCSC Advisory →
NCSC TUE, 24 MAR 2026

Vibe check: AI may replace SaaS (but not for a while)

Read NCSC Advisory →
NCSC TUE, 24 MAR 2026

NCSC CEO: Seize 'disruptive' vibe coding opportunity to make software more secure

Read NCSC Advisory →
NCSC THU, 19 MAR 2026

How to secure your online meetings

Read NCSC Advisory →
NCSC THU, 12 MAR 2026

International security chiefs to convene in Glasgow for flagship CYBERUK conference

Read NCSC Advisory →
NCSC MON, 02 MAR 2026

Alert: NCSC advises UK organisations to take action following conflict in the Middle East

Read NCSC Advisory →

Known Exploited Vulnerabilities — Active in the Wild

What is the CISA KEV Catalog? The US Cybersecurity and Infrastructure Security Agency maintains a list of vulnerabilities with confirmed evidence of active exploitation globally. These are not theoretical risks — they are being used by attackers right now. Many affect common software used by UK SMEs.
CISA KEV CRITICAL 2026-03-26
CVE-2026-33634 — Aquasecurity | Trivy

Aquasecurity Trivy Vulnerability

Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, including all tokens, SSH keys, cloud credentials, database passwords, and any sensitive configuration in memory.

View CISA Advisory →
CISA KEV CRITICAL 2026-03-25
CVE-2026-33017 — Langflow | Langflow

Langflow Langflow Vulnerability

Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.

View CISA Advisory →
CISA KEV CRITICAL 2026-03-20
CVE-2025-32432 — Craft CMS | Craft CMS

Craft CMS Craft CMS Vulnerability

Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.

View CISA Advisory →
CISA KEV CRITICAL 2026-03-20
CVE-2025-54068 — Laravel | Livewire

Laravel Livewire Vulnerability

Laravel Livewire contains a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.

View CISA Advisory →
CISA KEV CRITICAL 2026-03-20
CVE-2025-43510 — Apple | Multiple Products

Apple Multiple Products Vulnerability

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.

View CISA Advisory →
CISA KEV CRITICAL 2026-03-20
CVE-2025-43520 — Apple | Multiple Products

Apple Multiple Products Vulnerability

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory.

View CISA Advisory →

Is Your Business Exposed?

Many of these vulnerabilities affect software used by UK SMEs every day. A GET-IT threat intelligence scan will tell you exactly where your perimeter stands.

Book a Resilience Scan →

Intelligence sourced from NCSC UK and the CISA Known Exploited Vulnerabilities Catalog. This page is updated automatically every 12 hours. For the most current advisories visit the source links directly. GET-IT Cyber Division curates this content for UK SME relevance but is not responsible for the accuracy of third-party source data.