LIVE NEWSROOM · --:-- · May 24, 2026
A LIBRARY FOR SECURITY RESEARCHERS

CVE DATABASE · CISA KEV

Known Exploited
Vulnerabilities.

Every CVE in CISA’s KEV catalog — 1602 vulnerabilities confirmed exploited in the wild. The authoritative “patch this first” list. Search any one with our CVE Lookup or KEV search tool.

CVE-2021-26855 added 2021-11-03 RANSOMWARE
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server
CVE-2021-26858 added 2021-11-03 RANSOMWARE
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server
CVE-2021-27065 added 2021-11-03 RANSOMWARE
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server
CVE-2020-1054 added 2021-11-03
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2021-1675 added 2021-11-03 RANSOMWARE
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows
CVE-2021-34448 added 2021-11-03
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows
CVE-2020-0601 added 2021-11-03
Microsoft Windows CryptoAPI Spoofing Vulnerability
Microsoft Windows
CVE-2019-0604 added 2021-11-03 RANSOMWARE
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft SharePoint
CVE-2020-0646 added 2021-11-03
Microsoft .NET Framework Remote Code Execution Vulnerability
Microsoft .NET Framework
CVE-2019-0808 added 2021-11-03
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k
CVE-2021-26857 added 2021-11-03 RANSOMWARE
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server
CVE-2020-1147 added 2021-11-03
Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability
Microsoft .NET Framework, SharePoint, Visual Studio
CVE-2019-1214 added 2021-11-03
Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability
Microsoft Windows
CVE-2016-3235 added 2021-11-03
Microsoft Office OLE DLL Side Loading Vulnerability
Microsoft Office
CVE-2019-0863 added 2021-11-03
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
Microsoft Windows
CVE-2021-36955 added 2021-11-03 RANSOMWARE
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows
CVE-2021-38648 added 2021-11-03
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
Microsoft Open Management Infrastructure (OMI)
CVE-2020-6819 added 2021-11-03
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
Mozilla Firefox and Thunderbird
CVE-2020-6820 added 2021-11-03
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
Mozilla Firefox and Thunderbird
CVE-2019-17026 added 2021-11-03
Mozilla Firefox And Thunderbird Type Confusion Vulnerability
Mozilla Firefox and Thunderbird
CVE-2019-15949 added 2021-11-03
Nagios XI Remote Code Execution Vulnerability
Nagios Nagios XI
CVE-2020-26919 added 2021-11-03
Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability
NETGEAR JGS516PE Devices
CVE-2019-19356 added 2021-11-03
Netis WF2419 Devices Remote Code Execution Vulnerability
Netis WF2419 Devices
CVE-2020-2555 added 2021-11-03
Oracle Multiple Products Remote Code Execution Vulnerability
Oracle Multiple Products
CVE-2012-3152 added 2021-11-03
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware
CVE-2020-14871 added 2021-11-03
Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability
Oracle Solaris and Zettabyte File System (ZFS)
CVE-2015-4852 added 2021-11-03
Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability
Oracle WebLogic Server
CVE-2020-14750 added 2021-11-03
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server
CVE-2020-14882 added 2021-11-03
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server
CVE-2020-14883 added 2021-11-03
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic Server
CVE-2020-8644 added 2021-11-03
PlaySMS Server-Side Template Injection Vulnerability
PlaySMS PlaySMS
CVE-2019-18935 added 2021-11-03 RANSOMWARE
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability
Progress Telerik UI for ASP.NET AJAX
CVE-2021-22893 added 2021-11-03 RANSOMWARE
Ivanti Pulse Connect Secure Use-After-Free Vulnerability
Ivanti Pulse Connect Secure
CVE-2020-8243 added 2021-11-03
Ivanti Pulse Connect Secure Code Execution Vulnerability
Ivanti Pulse Connect Secure
CVE-2021-22900 added 2021-11-03
Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
Ivanti Pulse Connect Secure
CVE-2021-22894 added 2021-11-03
Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability
Ivanti Pulse Connect Secure
CVE-2020-8260 added 2021-11-03
Ivanti Pulse Connect Secure Code Execution Vulnerability
Ivanti Pulse Connect Secure
CVE-2021-22899 added 2021-11-03
Ivanti Pulse Connect Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure
CVE-2019-11510 added 2021-11-03 RANSOMWARE
Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability
Ivanti Pulse Connect Secure
CVE-2019-11539 added 2021-11-03 RANSOMWARE
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure and Pulse Policy Secure
CVE-2021-1906 added 2021-11-03
Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
Qualcomm Multiple Chipsets
CVE-2021-1905 added 2021-11-03
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Qualcomm Multiple Chipsets
CVE-2020-10221 added 2021-11-03
rConfig OS Command Injection Vulnerability
rConfig rConfig
CVE-2021-35395 added 2021-11-03
Realtek AP-Router SDK Buffer Overflow Vulnerability
Realtek AP-Router SDK
CVE-2017-16651 added 2021-11-03
Roundcube Webmail File Disclosure Vulnerability
Roundcube Roundcube Webmail
CVE-2020-11652 added 2021-11-03
SaltStack Salt Path Traversal Vulnerability
SaltStack Salt
CVE-2020-11651 added 2021-11-03
SaltStack Salt Authentication Bypass Vulnerability
SaltStack Salt
CVE-2020-16846 added 2021-11-03
SaltStack Salt Shell Injection Vulnerability
SaltStack Salt
CVE-2018-2380 added 2021-11-03 RANSOMWARE
SAP Customer Relationship Management (CRM) Path Traversal Vulnerability
SAP Customer Relationship Management (CRM)
CVE-2010-5326 added 2021-11-03
SAP NetWeaver Remote Code Execution Vulnerability
SAP NetWeaver
CVE-2016-9563 added 2021-11-03
SAP NetWeaver XML External Entity (XXE) Vulnerability
SAP NetWeaver
CVE-2020-6287 added 2021-11-03
SAP NetWeaver Missing Authentication for Critical Function Vulnerability
SAP NetWeaver
CVE-2020-6207 added 2021-11-03
SAP Solution Manager Missing Authentication for Critical Function Vulnerability
SAP Solution Manager
CVE-2016-3976 added 2021-11-03
SAP NetWeaver Directory Traversal Vulnerability
SAP NetWeaver
CVE-2019-16256 added 2021-11-03
SIMalliance Toolbox Browser Command Injection Vulnerability
SIMalliance Toolbox Browser
CVE-2020-10148 added 2021-11-03
SolarWinds Orion Authentication Bypass Vulnerability
SolarWinds Orion
CVE-2021-35211 added 2021-11-03 RANSOMWARE
SolarWinds Serv-U Remote Code Execution Vulnerability
SolarWinds Serv-U
CVE-2016-3643 added 2021-11-03
SolarWinds Virtualization Manager Privilege Escalation Vulnerability
SolarWinds Virtualization Manager
CVE-2020-10199 added 2021-11-03
Sonatype Nexus Repository Remote Code Execution Vulnerability
Sonatype Nexus Repository
CVE-2021-20021 added 2021-11-03 RANSOMWARE
SonicWall Email Security Improper Privilege Management Vulnerability
SonicWall SonicWall Email Security
← Prev Page 26 of 27 Next →
Scroll to Top