LIVE NEWSROOM · --:-- · May 25, 2026
A LIBRARY FOR SECURITY RESEARCHERS

CVE DATABASE · CISA KEV

Known Exploited
Vulnerabilities.

Every CVE in CISA’s KEV catalog — 1602 vulnerabilities confirmed exploited in the wild. The authoritative “patch this first” list. Search any one with our CVE Lookup or KEV search tool.

CVE-2025-21590 added 2025-03-13
Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
Juniper Junos OS
CVE-2025-24201 added 2025-03-13
Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability
Apple Multiple Products
CVE-2025-24993 added 2025-03-11
Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
Microsoft Windows
CVE-2025-24991 added 2025-03-11
Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
Microsoft Windows
CVE-2025-24985 added 2025-03-11
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
Microsoft Windows
CVE-2025-24984 added 2025-03-11
Microsoft Windows NTFS Information Disclosure Vulnerability
Microsoft Windows
CVE-2025-24983 added 2025-03-11
Microsoft Windows Win32k Use-After-Free Vulnerability
Microsoft Windows
CVE-2025-26633 added 2025-03-11 RANSOMWARE
Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
Microsoft Windows
CVE-2024-13161 added 2025-03-10
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM)
CVE-2024-13160 added 2025-03-10
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM)
CVE-2024-13159 added 2025-03-10
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM)
CVE-2024-57968 added 2025-03-10
Advantive VeraCore Unrestricted File Upload Vulnerability
Advantive VeraCore
CVE-2025-25181 added 2025-03-10
Advantive VeraCore SQL Injection Vulnerability
Advantive VeraCore
CVE-2025-22226 added 2025-03-04
VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability
VMware ESXi, Workstation, and Fusion
CVE-2025-22225 added 2025-03-04 RANSOMWARE
VMware ESXi Arbitrary Write Vulnerability
VMware ESXi
CVE-2025-22224 added 2025-03-04
VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
VMware ESXi and Workstation
CVE-2024-50302 added 2025-03-04
Linux Kernel Use of Uninitialized Resource Vulnerability
Linux Kernel
CVE-2024-4885 added 2025-03-03
Progress WhatsUp Gold Path Traversal Vulnerability
Progress WhatsUp Gold
CVE-2018-8639 added 2025-03-03 RANSOMWARE
Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Microsoft Windows
CVE-2022-43769 added 2025-03-03
Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
Hitachi Vantara Pentaho Business Analytics (BA) Server
CVE-2022-43939 added 2025-03-03
Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
Hitachi Vantara Pentaho Business Analytics (BA) Server
CVE-2023-20118 added 2025-03-03
Cisco Small Business RV Series Routers Command Injection Vulnerability
Cisco Small Business RV Series Routers
CVE-2023-34192 added 2025-02-25
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Synacor Zimbra Collaboration Suite (ZCS)
CVE-2024-49035 added 2025-02-25
Microsoft Partner Center Improper Access Control Vulnerability
Microsoft Partner Center
CVE-2024-20953 added 2025-02-24
Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
Oracle Agile Product Lifecycle Management (PLM)
CVE-2017-3066 added 2025-02-24
Adobe ColdFusion Deserialization Vulnerability
Adobe ColdFusion
CVE-2025-24989 added 2025-02-21
Microsoft Power Pages Improper Access Control Vulnerability
Microsoft Power Pages
CVE-2025-0111 added 2025-02-20
Palo Alto Networks PAN-OS File Read Vulnerability
Palo Alto Networks PAN-OS
CVE-2025-23209 added 2025-02-20
Craft CMS Code Injection Vulnerability
Craft CMS Craft CMS
CVE-2025-0108 added 2025-02-18
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS
CVE-2024-53704 added 2025-02-18 RANSOMWARE
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
SonicWall SonicOS
CVE-2024-57727 added 2025-02-13 RANSOMWARE
SimpleHelp Path Traversal Vulnerability
SimpleHelp SimpleHelp
CVE-2025-24200 added 2025-02-12
Apple iOS and iPadOS Incorrect Authorization Vulnerability
Apple iOS and iPadOS
CVE-2024-41710 added 2025-02-12
Mitel SIP Phones Argument Injection Vulnerability
Mitel SIP Phones
CVE-2024-40891 added 2025-02-11
Zyxel DSL CPE OS Command Injection Vulnerability
Zyxel DSL CPE Devices
CVE-2024-40890 added 2025-02-11
Zyxel DSL CPE OS Command Injection Vulnerability
Zyxel DSL CPE Devices
CVE-2025-21418 added 2025-02-11
Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
Microsoft Windows
CVE-2025-21391 added 2025-02-11
Microsoft Windows Storage Link Following Vulnerability
Microsoft Windows
CVE-2025-0994 added 2025-02-07
Trimble Cityworks Deserialization Vulnerability
Trimble Cityworks
CVE-2020-15069 added 2025-02-06
Sophos XG Firewall Buffer Overflow Vulnerability
Sophos XG Firewall
CVE-2020-29574 added 2025-02-06
CyberoamOS (CROS) SQL Injection Vulnerability
Sophos CyberoamOS
CVE-2024-21413 added 2025-02-06
Microsoft Outlook Improper Input Validation Vulnerability
Microsoft Office Outlook
CVE-2022-23748 added 2025-02-06
Dante Discovery Process Control Vulnerability
Audinate Dante Discovery
CVE-2025-0411 added 2025-02-06
7-Zip Mark of the Web Bypass Vulnerability
7-Zip 7-Zip
CVE-2024-53104 added 2025-02-05
Linux Kernel Out-of-Bounds Write Vulnerability
Linux Kernel
CVE-2018-19410 added 2025-02-04
Paessler PRTG Network Monitor Local File Inclusion Vulnerability
Paessler PRTG Network Monitor
CVE-2018-9276 added 2025-02-04
Paessler PRTG Network Monitor OS Command Injection Vulnerability
Paessler PRTG Network Monitor
CVE-2024-29059 added 2025-02-04
Microsoft .NET Framework Information Disclosure Vulnerability
Microsoft .NET Framework
CVE-2024-45195 added 2025-02-04
Apache OFBiz Forced Browsing Vulnerability
Apache OFBiz
CVE-2025-24085 added 2025-01-29
Apple Multiple Products Use-After-Free Vulnerability
Apple Multiple Products
CVE-2025-23006 added 2025-01-24 RANSOMWARE
SonicWall SMA1000 Appliances Deserialization Vulnerability
SonicWall SMA1000 Appliances
CVE-2020-11023 added 2025-01-23
JQuery Cross-Site Scripting (XSS) Vulnerability
JQuery JQuery
CVE-2024-50603 added 2025-01-16
Aviatrix Controllers OS Command Injection Vulnerability
Aviatrix Controllers
CVE-2025-21335 added 2025-01-14
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Microsoft Windows
CVE-2025-21334 added 2025-01-14
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Microsoft Windows
CVE-2025-21333 added 2025-01-14
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
Microsoft Windows
CVE-2024-55591 added 2025-01-14 RANSOMWARE
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy
CVE-2023-48365 added 2025-01-13 RANSOMWARE
Qlik Sense HTTP Tunneling Vulnerability
Qlik Sense
CVE-2024-12686 added 2025-01-13
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS)
CVE-2025-0282 added 2025-01-08 RANSOMWARE
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways
← Prev Page 6 of 27 Next →
Scroll to Top