CISA Adds Seven Actively Exploited Vulnerabilities to KEV Catalog – Including Microsoft Defender Flaws
CISA added seven new entries to the Known Exploited Vulnerabilities catalog on May 20, 2026. Two involve Microsoft Defender: CVE-2026-41091 (elevation of privilege) and CVE-2026-45498 (denial of service). Federal agencies must remediate by June 3 under BOD 22-01. All enterprises should prioritize automatic engine updates.
Microsoft Rolls Out Patches for Actively Exploited Defender Vulnerabilities
Microsoft has issued fixes for the two Defender flaws now listed in CISA’s KEV catalog. The elevation-of-privilege issue allows local attackers to reach SYSTEM privileges via link following. The DoS flaw disrupts antivirus operations. Updates deploy automatically through the Malware Protection Engine. Verify your version and status immediately.
Google Cloud and Thales Launch Sovereign Cloud in Germany
The new solution delivers full data sovereignty, C5/C3A compliance, and geo-redundant disaster recovery with France’s S3NS cloud. Preview is live now, with general availability planned for late 2026. Regulated and public-sector organizations gain a compliant path for AI and cloud workloads.
Federal Agencies More Than Double AI Use Cases per OMB Inventory
The latest OMB repository shows 3,611 AI use cases across federal agencies, more than double the prior year, with 445 high-impact. The inventory underscores accelerating federal IT modernization while highlighting the need for stronger governance frameworks.
Nvidia Reports Record Revenue on Explosive AI Data Center Growth
Nvidia delivered $81.6 billion in Q1 revenue (up 85% YoY), with data center sales hitting $75.2 billion (up 92%). The figures confirm sustained enterprise investment in AI infrastructure and should inform capacity planning for the remainder of 2026.
DoD Advances AI-First Acceleration Strategy
The Department of Defense is executing on pace-setting projects, expanded data access, and edge AI capabilities. Federal partners and contractors should align with these priorities to support rapid modernization.
Topics We’re Tracking (But Didn’t Make the Cut)
Ongoing ICS advisories (Siemens, ABB, ScadaBR)
Enterprise data readiness partnerships for agentic AI
Broader sovereign cloud developments across Europe
Sources
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091
Google Cloud official announcements (May 20, 2026)
OMB Federal Agency AI Use Case Inventory (GitHub)
Nvidia Q1 FY2027 earnings release
DoD Artificial Intelligence Strategy memo
The Exchange Daily and Weekly deliver verified public-source intelligence for executive decision-makers. All information is from reputable, publicly available sources. Every effort is made to keep details accurate as of publication time, but readers should always confirm time-sensitive items such as policy changes, budget figures, and timelines with official documents and briefings. Always validate with primary sources before action.
The Exchange Daily and the Exchange Weekly do not constitute legal, investment, procurement, security, compliance, or technical advice. Content is for informational purposes only.
The Exchange Daily and Weekly are a production of Metora Solutions LLC, a HUBZone and Service Disabled Veteran Owned Small Business. All rights reserved. Copyright Metora Solutions LLC 2026.
