The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The three vulnerabilities are as follows –

CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability 
CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The three vulnerabilities are as follows –

CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability 
CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control