KEVIntel

Known Exploited Vulnerabilities

Focus on What Matters

There are 298,510 vulnerabilities in the CVE database. Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

0.6% Exploited

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID Vendor Source
CVE-2021-41293 ECOA The Shadowserver (via CIRCL)
CVE-2025-0868 Arc53 The Shadowserver (via CIRCL)
CVE-2020-11455 LimeSurvey The Shadowserver (via CIRCL)
CVE-2018-14912 CGit The Shadowserver (via CIRCL)
CVE-2018-11222 Artica The Shadowserver (via CIRCL)
CVE-2025-4322 StylemixThemes Wordfence
CVE-2024-7120 Raisecom The Shadowserver (via CIRCL)
CVE-2024-9644 Four-Faith The Shadowserver (via CIRCL)
CVE-2022-39960 Netic Group The Shadowserver (via CIRCL)
CVE-2022-31847 WAVLINK The Shadowserver (via CIRCL)
CVE-2022-48164 Wavlink The Shadowserver (via CIRCL)
CVE-2023-0386 Linux CISA
CVE-2025-43200 Apple CVE
CVE-2023-33538 TP-Link CISA
CVE-2020-8191 Citrix The Shadowserver (via CIRCL)
CVE-2023-1020 Unknown The Shadowserver (via CIRCL)
CVE-2021-29203 HPE The Shadowserver (via CIRCL)
CVE-2021-34624 ProfilePress The Shadowserver (via CIRCL)
CVE-2024-32735 CyberPower The Shadowserver (via CIRCL)
CVE-2009-0545 ZeroShell The Shadowserver (via CIRCL)
CVE-2025-32433 erlang CISA
CVE-2024-42009 Roundcube CISA
CVE-2025-33053 Microsoft CISA
CVE-2019-1821 Cisco The Shadowserver (via CIRCL)
CVE-2020-11546 SuperWebMailer The Shadowserver (via CIRCL)
Displaying vulnerabilities 1 - 25 of 1864 in total