The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday included two critical security vulnerabilities affecting Broadcom Brocade Fabric OS and Commvault Web Server in its Known Exploited Vulnerabilities (KEV) registry, pointing to proof of ongoing exploitation in real-world scenarios.
The vulnerabilities under discussion are outlined below –

CVE-2025-1976 (CVSS score: 8.6) – A code injection vulnerability