1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

Showing 1,619 of 1,619 · page 2 of 33

CVEVendor / ProductTitleKEV addedEPSS
CVE-2026-34197Apache / ActiveMQApache ActiveMQ Improper Input Validation Vulnerability2026-04-16
87.0%
CVE-2009-0238Microsoft / OfficeMicrosoft Office Remote Code Execution2026-04-14
43.1%
CVE-2026-32201Microsoft / SharePoint ServerMicrosoft SharePoint Server Improper Input Validation Vulnerability2026-04-14
24.2%
CVE-2012-1854Microsoft / Visual Basic for Applications (VBA)Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability2026-04-13
21.0%
CVE-2020-9715Adobe / AcrobatAdobe Acrobat Use-After-Free Vulnerability2026-04-13
48.4%
CVE-2023-21529microsoft / exchange_serverCVE-2023-215292026-04-13
62.1%
CVE-2023-36424Microsoft / WindowsMicrosoft Windows Out-of-Bounds Read Vulnerability2026-04-13
12.2%
CVE-2025-60710Microsoft / WindowsMicrosoft Windows Link Following Vulnerability2026-04-13
4.6%
CVE-2026-21643Fortinet / FortiClient EMSFortinet FortiClient EMS SQL Injection Vulnerability2026-04-13
94.1%
CVE-2026-34621Adobe / Acrobat and ReaderAdobe Acrobat and Reader Prototype Pollution Vulnerability2026-04-13
7.1%
CVE-2026-1340Ivanti / Endpoint Manager Mobile (EPMM)Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability2026-04-08
82.0%
CVE-2026-35616Fortinet / FortiClient EMSFortinet FortiClient EMS Improper Access Control Vulnerability2026-04-06
88.5%
CVE-2026-3502TrueConf / ClientTrueConf Client Download of Code Without Integrity Check Vulnerability2026-04-02
5.8%
CVE-2026-5281Google / DawnGoogle Dawn Use-After-Free Vulnerability2026-04-01
5.5%
CVE-2026-3055Citrix / NetScalerCitrix NetScaler Out-of-Bounds Read Vulnerability2026-03-30
84.0%
CVE-2025-53521F5 / BIG-IPF5 BIG-IP Stack-Based Buffer Overflow Vulnerability2026-03-27
2.2%
CVE-2026-33634Aquasecurity / TrivyAquasecurity Trivy Embedded Malicious Code Vulnerability2026-03-26
60.4%
CVE-2026-33017Langflow / LangflowLangflow Code Injection Vulnerability2026-03-25
98.4%
CVE-2025-31277Apple / Multiple ProductsApple Multiple Products Buffer Overflow Vulnerability2026-03-20
1.4%
CVE-2025-32432Craft CMS / Craft CMSCraft CMS Code Injection Vulnerability2026-03-20
99.7%
CVE-2025-43510Apple / Multiple ProductsApple Multiple Products Improper Locking Vulnerability2026-03-20
0.3%
CVE-2025-43520Apple / Multiple ProductsApple Multiple Products Classic Buffer Overflow Vulnerability2026-03-20
0.4%
CVE-2025-54068Laravel / LivewireLaravel Livewire Code Injection Vulnerability2026-03-20
92.0%
CVE-2026-20131Cisco / Secure Firewall Management Center (FMC)Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Clo…2026-03-19
27.6%
CVE-2025-66376Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability2026-03-18
12.0%
CVE-2026-20963Microsoft / SharePointMicrosoft SharePoint Deserialization of Untrusted Data Vulnerability2026-03-18
31.1%
CVE-2025-47813Wing FTP Server / Wing FTP ServerWing FTP Server Information Disclosure Vulnerability2026-03-16
56.4%
CVE-2026-3909Google / SkiaGoogle Skia Out-of-Bounds Write Vulnerability2026-03-13
1.6%
CVE-2026-3910Google / Chromium V8Google Chromium V8 Improper Restriction of Operations Within the Bounds of a …2026-03-13
2.1%
CVE-2025-68613n8n / n8nn8n Improper Control of Dynamically-Managed Code Resources Vulnerability2026-03-11
98.0%
CVE-2021-22054Omnissa / Workspace One UEMOmnissa Workspace ONE Server-Side Request Forgery2026-03-09
97.7%
CVE-2025-26399SolarWinds / Web Help DeskSolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability2026-03-09
88.3%
CVE-2026-1603Ivanti / Endpoint Manager (EPM)Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability2026-03-09
81.1%
CVE-2017-7921Hikvision / Multiple ProductsHikvision Multiple Products Improper Authentication Vulnerability2026-03-05
100.0%
CVE-2021-22681Rockwell / Multiple ProductsRockwell Multiple Products Insufficient Protected Credentials Vulnerability2026-03-05
25.5%
CVE-2021-30952Apple / Multiple ProductsApple Multiple Products Integer Overflow or Wraparound Vulnerability2026-03-05
7.6%
CVE-2023-41974Apple / iOS and iPadOSApple iOS and iPadOS Use-After-Free Vulnerability2026-03-05
1.4%
CVE-2023-43000Apple / Multiple ProductsApple Multiple products Use-After-Free Vulnerability2026-03-05
3.8%
CVE-2026-21385Qualcomm / Multiple ChipsetsQualcomm Multiple Chipsets Memory Corruption Vulnerability2026-03-03
1.1%
CVE-2026-22719Broadcom / VMware Aria OperationsBroadcom VMware Aria Operations Command Injection Vulnerability2026-03-03
17.4%
CVE-2022-20775Cisco / SD-WANCisco SD-WAN Path Traversal Vulnerability2026-02-25
12.5%
CVE-2026-20127cisco / catalyst_sd-wan_managerCVE-2026-201272026-02-25
48.2%
CVE-2026-25108Soliton Systems K.K / FileZenSoliton Systems K.K FileZen OS Command Injection Vulnerability2026-02-24
5.0%
CVE-2025-49113Roundcube / WebmailRoundCube Webmail Deserialization of Untrusted Data Vulnerability2026-02-20
89.2%
CVE-2025-68461Roundcube / WebmailRoundCube Webmail Cross-site Scripting Vulnerability2026-02-20
19.8%
CVE-2021-22175GitLab / GitLabGitLab Server-Side Request Forgery (SSRF) Vulnerability2026-02-18
53.4%
CVE-2026-22769Dell / RecoverPoint for Virtual Machines (RP4VMs)Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials…2026-02-18
13.1%
CVE-2008-0015Microsoft / Windows Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability2026-02-17
76.6%
CVE-2020-7796Synacor / Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerab…2026-02-17
85.4%
CVE-2024-7694TeamT5 / ThreatSonar Anti-RansomwareTeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous…2026-02-17
1.8%
Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.