Report Date: 2026-05-14
New KEVs: 2Critical CVEs: 5Ransomware Victims: 168
2 vulnerabilities were added to the CISA Known Exploited Vulnerabilities catalog this period. 5 additional critical-severity CVEs have been published to the NVD but not yet confirmed as exploited — Cisco products show the strongest concentration of risk signals this week. Ransomware activity is moderate with 168 new victims posted to leak sites over the last 7 days, with Qilin posting the most victims.