CISA Adds Two Vulnerabilities to KEV Catalog: What Was Exposed & What To Do
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog on July 10, 2026, following reports of a data breach that exposed personal data. Individuals should check if their information was affected and take appropriate protective steps.
What was exposed
The specific data types exposed in this breach have not been publicly disclosed yet. We update this page as details are confirmed by the affected organisation or credible reporting.
How to check if you were affected
Run a free exposure scan with your email address. It matches you against known breach datasets and shows where your information has surfaced. Check if you’re exposed →
What to do if you were in the CISA Adds Two Vulnerabilities to KEV Catalog
- Remove your personal information from data-broker sites so the leaked data can’t be combined against you — GalaxyWarden files those removals for you.
How this breach connects
Frequently asked questions
Was my data in the CISA Adds Two Vulnerabilities to KEV Catalog breach?
The fastest way to know is a free exposure scan — it checks your email address against known breach data, including recent incidents like this one.
What information was exposed in the CISA Adds Two Vulnerabilities to KEV Catalog?
The full list of exposed data types is still being confirmed.
What should I do after the CISA Adds Two Vulnerabilities to KEV Catalog breach?
Change your password for that account and anywhere you reused it, turn on two-factor authentication, and remove your personal information from data-broker sites so it can’t be combined with the leaked data.
More recent breaches
Lithuania National Register Data Leak of 600K EntriesCISA Adds One Vulnerability to KEV CatalogVirginia Museum of History & Culture Breached by TheGentlemenUnion County, Ohio Paid $1M to Kairos in Data ExtortionLatest breaches
Read GalaxyWarden’s full analysis of the CISA Adds Two Vulnerabilities to KEV Catalog →
Based on public reporting
Attributions to threat groups and methods reflect public reporting and, in some cases, unverified claims made by the groups themselves; they may be incomplete or later revised. Recent Breaches and GalaxyWarden are independent and are not affiliated with, and do not endorse, any company or group named on this page. This information is aggregated from public sources for awareness only and is not legal, security, or investment advice.