1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

Showing 1,619 of 1,619 · page 4 of 33

CVEVendor / ProductTitleKEV addedEPSS
CVE-2025-66644Array Networks / ArrayOS AGArray Networks ArrayOS AG OS Command Injection Vulnerability2025-12-08
3.0%
CVE-2025-55182Meta / React Server ComponentsMeta React Server Components Remote Code Execution Vulnerability2025-12-05
99.6%
CVE-2021-26828OpenPLC / ScadaBROpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability2025-12-03
39.4%
CVE-2025-48572Android / FrameworkAndroid Framework Privilege Escalation Vulnerability2025-12-02
0.2%
CVE-2025-48633Android / FrameworkAndroid Framework Information Disclosure Vulnerability2025-12-02
0.2%
CVE-2021-26829OpenPLC / ScadaBROpenPLC ScadaBR Cross-site Scripting Vulnerability2025-11-28
48.0%
CVE-2025-61757Oracle / Fusion MiddlewareOracle Fusion Middleware Missing Authentication for Critical Function Vulnera…2025-11-21
88.3%
CVE-2025-13223Google / Chromium V8Google Chromium V8 Type Confusion Vulnerability2025-11-19
4.8%
CVE-2025-58034Fortinet / FortiWebFortinet FortiWeb OS Command Injection Vulnerability2025-11-18
54.4%
CVE-2025-64446Fortinet / FortiWebFortinet FortiWeb Path Traversal Vulnerability2025-11-14
89.5%
CVE-2025-12480Gladinet / TriofoxGladinet Triofox Improper Access Control Vulnerability2025-11-12
90.4%
CVE-2025-62215Microsoft / WindowsMicrosoft Windows Race Condition Vulnerability2025-11-12
6.1%
CVE-2025-9242WatchGuard / FireboxWatchGuard Firebox Out-of-Bounds Write Vulnerability2025-11-12
86.4%
CVE-2025-21042Samsung / Mobile DevicesSamsung Mobile Devices Out-of-Bounds Write Vulnerability2025-11-10
11.6%
CVE-2025-11371Gladinet / CentreStack and TriofoxGladinet CentreStack and Triofox Files or Directories Accessible to External …2025-11-04
92.1%
CVE-2025-48703CWP / Control Web PanelCWP Control Web Panel OS Command Injection Vulnerability2025-11-04
99.6%
CVE-2025-24893XWiki / PlatformXWiki Platform Eval Injection Vulnerability2025-10-30
99.9%
CVE-2025-41244Broadcom / VMware Aria Operations and VMware ToolsBroadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsaf…2025-10-30
7.6%
CVE-2025-6204Dassault Systèmes / DELMIA AprisoDassault Systèmes DELMIA Apriso Code Injection Vulnerability2025-10-28
75.3%
CVE-2025-6205Dassault Systèmes / DELMIA AprisoDassault Systèmes DELMIA Apriso Missing Authorization Vulnerability2025-10-28
69.2%
CVE-2025-54236Adobe / Commerce and MagentoAdobe Commerce and Magento Improper Input Validation Vulnerability2025-10-24
96.7%
CVE-2025-59287Microsoft / WindowsMicrosoft Windows Server Update Service (WSUS) Deserialization of Untrusted D…2025-10-24
100.0%
CVE-2025-61932Motex / LANSCOPE Endpoint ManagerMotex LANSCOPE Endpoint Manager Improper Verification of Source of a Communic…2025-10-22
2.7%
CVE-2022-48503Apple / Multiple ProductsApple Multiple Products Unspecified Vulnerability2025-10-20
2.9%
CVE-2025-2746Kentico / Xperience CMSKentico Xperience CMS Authentication Bypass Using an Alternate Path or Channe…2025-10-20
58.0%
CVE-2025-2747Kentico / Xperience CMSKentico Xperience CMS Authentication Bypass Using an Alternate Path or Channe…2025-10-20
91.3%
CVE-2025-33073Microsoft / WindowsMicrosoft Windows SMB Client Improper Access Control Vulnerability2025-10-20
64.3%
CVE-2025-61884Oracle / E-Business SuiteOracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability2025-10-20
97.6%
CVE-2025-54253Adobe / Experience Manager (AEM) FormsAdobe Experience Manager Forms Code Execution Vulnerability2025-10-15
89.8%
CVE-2016-7836SKYSEA / Client ViewSKYSEA Client View Improper Authentication Vulnerability2025-10-14
19.4%
CVE-2025-24990Microsoft / WindowsMicrosoft Windows Untrusted Pointer Dereference Vulnerability2025-10-14
5.8%
CVE-2025-47827IGEL / IGEL OSIGEL OS Use of a Key Past its Expiration Date Vulnerability2025-10-14
3.5%
CVE-2025-59230Microsoft / WindowsMicrosoft Windows Improper Access Control Vulnerability2025-10-14
2.6%
CVE-2021-43798Grafana Labs / GrafanaGrafana Path Traversal Vulnerability2025-10-09
88.8%
CVE-2025-27915Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability2025-10-07
4.2%
CVE-2010-3765Mozilla / Multiple ProductsMozilla Multiple Products Remote Code Execution Vulnerability2025-10-06
83.3%
CVE-2010-3962Microsoft / Internet ExplorerMicrosoft Internet Explorer Uninitialized Memory Corruption Vulnerability2025-10-06
96.9%
CVE-2011-3402Microsoft / WindowsMicrosoft Windows Remote Code Execution Vulnerability2025-10-06
78.3%
CVE-2013-3918Microsoft / WindowsMicrosoft Windows Out-of-Bounds Write Vulnerability2025-10-06
73.9%
CVE-2021-22555Linux / KernelLinux Kernel Heap Out-of-Bounds Write Vulnerability2025-10-06
78.7%
CVE-2021-43226Microsoft / WindowsMicrosoft Windows Privilege Escalation Vulnerability2025-10-06
3.1%
CVE-2025-61882Oracle / E-Business SuiteOracle E-Business Suite Unspecified Vulnerability2025-10-06
99.7%
CVE-2014-6278GNU / GNU BashGNU Bash OS Command Injection Vulnerability2025-10-02
99.6%
CVE-2015-7755Juniper / ScreenOSJuniper ScreenOS Improper Authentication Vulnerability2025-10-02
61.4%
CVE-2017-1000353Jenkins / JenkinsJenkins Remote Code Execution Vulnerability2025-10-02
99.7%
CVE-2025-21043Samsung / Mobile DevicesSamsung Mobile Devices Out-of-Bounds Write Vulnerability2025-10-02
1.4%
CVE-2025-4008Smartbedded / MeteobridgeSmartbedded Meteobridge Command Injection Vulnerability2025-10-02
93.9%
CVE-2021-21311Adminer / AdminerAdminer Server-Side Request Forgery Vulnerability2025-09-29
90.5%
CVE-2025-10035Fortra / GoAnywhere MFTFortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability2025-09-29
99.6%
CVE-2025-20352Cisco / IOS and IOS XECisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Executio…2025-09-29
37.6%
Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.