We tracked 255 regulatory actions this week. Here's what stood out.
22 FDA218 Regulatory12 Safety3 Cyber
This week's regulatory activity at a glance.
The EPA finalized renewable fuel blending mandates for 2026 and 2027, requiring refiners to blend 22.3 billion gallons of renewable fuel next year while granting a partial waiver for cellulosic biofuel volumes after the industry missed production targets again. The same day, the Pipeline and Hazardous Materials Safety Administration tightened class location requirements for hazardous liquid pipelines, forcing operators to upgrade or replace lines when development increases population density around existing infrastructure. <strong>Both rules hit energy companies with compliance costs, but the RFS mandate creates predictable demand for renewable diesel producers while pipeline operators face capital expenditure spikes tied to suburban expansion they can't control.</strong>
FEDERAL REGISTER
10 items
REGULATORY
Renewable Fuel Standard (RFS) Program: Standards for 2026 and 2027, Partial Waiver of 2025 Cellulosic Biofuel Volume Requirement, and Other Changes
EPA sets renewable fuel volume requirements for 2026 and 2027, with partial waiver of 2025 cellulosic biofuel targets. The rule affects refiners, blenders, and fuel distributors across the energy sector.
REGULATORY
Pipeline Safety: Class Location Change Requirements; Response to Petition for Reconsideration
Pipeline safety rule addresses class location changes, responding to industry petition for reconsideration. The change affects how operators handle population density increases near existing pipelines.
REGULATORY
Registering Emergency Medical Services Agencies Under the Protecting Patient Access to Emergency Medications Act of 2017
DEA finalizes registration process for emergency medical services agencies to handle controlled substances. The rule implements the 2017 Protecting Patient Access to Emergency Medications Act.
COST
CMS sets 2027 Medicare Advantage and drug benefit payment policy
·
EPA updates emission standards for chemical manufacturing air pollution sources
·
EPA determines Phoenix-Mesa area failed 2015 ozone standards due to cross-border emissions
·
USDA removes federal crop insurance premium subsidy limitations
·
OCC rescinds recovery planning standards for large banks and thrifts
TXT
FAA issues airworthiness directives for Bell Textron helicopters
·
CPSC issues safety standard for residential gates and enclosures
PRODUCT SAFETY
11 items
RECALL
Product Recall: Coluans Christmas Light-Up Rings Party Favors
Coluans Christmas light-up rings party favors recalled. The product poses a safety hazard to consumers.
RECALL
Product Recall: Granitestone Diamond Pro Blue Sauté Pans
Granitestone Diamond Pro blue sauté pans recalled. The cookware presents a risk that triggered the consumer product safety action.
RECALL
Product Recall: ELENKER Bed Rails
Elenker bed rails recalled. The product fails to meet safety standards for bedrail assistance devices.
·
CPSC recalls Gavoyeat Halloween light-up rings for battery burn hazard
·
CPSC recalls HTRC and Haisito battery chargers for fire hazard
·
CPSC recalls Ocun Condor HMS triple locking carabiners for unintended gate opening hazard
·
CPSC recalls Member's Mark Valentine pajama sets for flammability hazard
·
CPSC recalls Universal Broadmoore canopy bed frames for collapse hazard
·
CPSC recalls Sangohe portable bed rails for entrapment hazard
·
CPSC recalls TecFlox Hair and Beard Growth Serum for undisclosed hazard
EPA settlement: CHEVRON USA PRODUCTS COMPANY ($1,072,634)
Chevron settles Clean Air Act violations for $1.07M. The settlement resolves EPA enforcement case HQ-2024-0013.
CYBERSECURITY
3 items
CYBER
MSFT
CVE-2026-5281: Google Dawn: Google Dawn Use-After-Free Vulnerability
Google Dawn use-after-free vulnerability actively exploited in Chromium-based browsers including Microsoft Edge. CISA flags CVE-2026-5281 as known exploited, affecting renderer process security.
MSFT: | $372.88 | RSI 39 (neutral) | 33% from 52-wk high | Below SMA-50 · P/E: 23.4 | Net margin: 39.0% | Debt/equity: 0.10
CYBER
CVE-2026-3502: TrueConf Client: TrueConf Client Download of Code Without Integrity Check Vulnerability
TrueConf Client update mechanism downloads code without integrity checks. Attackers controlling the update path can inject malicious payloads into the installation process.
Fortinet FortiClient EMS access control flaw lets unauthenticated attackers execute code via crafted requests. CISA confirms active exploitation of CVE-2026-35616.
FTNT: | $83.72 | RSI 56 (neutral) | 23% from 52-wk high | Above SMA-50 · P/E: 34.1 | Net margin: 27.3%