The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: a command injection flaw in BerriAI LiteLLM, tracked as CVE-2026-42271 (CVSS 8.7), and an improper authentication issue in Check Point Security Gateway, tracked as CVE-2026-50751 (CVSS 9.31). Inclusion in the KEV catalog indicates that the vulnerabilities are being actively exploited by threat actors and need immediate attention from security teams. The exploitation status of CVE-2026-42271 is currently under discussion, and the outcome will determine whether a patch-now or a monitor approach is necessary. For practitioners, the takeaway is to prioritize patching or mitigating both vulnerabilities, given the high CVSS scores and the active discussion around their exploitation status.
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
⚠️ Critical Alert
Why This Matters
CVE-2026-42271 is under active discussion involving CISA; its exploitation status determines whether this is a patch-now or a monitor item.
References
- SecurityAffairs. (2026, June 9). U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog. *SecurityAffairs*. https://securityaffairs.com/193343/security/u-s-cisa-adds-berriai-litellm-and-check-point-security-gateway-flaws-to-its-known-exploited-vulnerabilities-catalog.html