KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,499

Total Known exploited

351

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2025-48595	8.4 High	In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of... Low complexity No user interaction	Google	Android	about 5 hours ago
CVE-2026-41089	9.8 Critical	Windows Netlogon Remote Code Execution Vulnerability Remote Low complexity No user interaction	Microsoft	Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	about 6 hours ago
CVE-2024-21182	7.5 High	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are... Remote Low complexity No user interaction	Oracle Corporation	WebLogic Server	about 23 hours ago
CVE-2023-43000	8.8 High	A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari... Remote Low complexity	Apple	macOS, iOS and iPadOS, Safari	1 day ago
CVE-2025-31277	8.8 High	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6,... Remote Low complexity	Apple	Safari, iOS and iPadOS, macOS, tvOS, visionOS, watchOS	1 day ago
CVE-2026-9082	9.8 Critical	Drupal core - Highly critical - SQL injection - SA-CORE-2026-004 Remote Low complexity No user interaction	Drupal	Drupal core	1 day ago
CVE-2026-48172	10.0 Critical	LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is... Remote Low complexity No user interaction	LiteSpeed Technologies	cPanel Plugin, WHM Plugin	1 day ago
CVE-2026-34926	6.7 Medium	A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the... No user interaction	Trend Micro, Inc.	TrendAI Apex One, TrendAI Apex One as a Service	1 day ago
CVE-2025-34291	9.4 Critical	Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE Remote Low complexity	Langflow	Langflow	1 day ago
CVE-2026-45498	4.0 Medium	Microsoft Defender Denial of Service Vulnerability Low complexity No user interaction	Microsoft	Microsoft Defender Antimalware Platform	1 day ago
CVE-2026-41091	7.8 High	Microsoft Defender Elevation of Privilege Vulnerability Low complexity No user interaction	Microsoft	Microsoft Malware Protection Engine	1 day ago
CVE-2026-34234	10.0 Critical	CtrlPanel: Unauthenticated RCE using installer script Remote Low complexity No user interaction	Ctrlpanel-gg	panel	1 day ago
CVE-2026-42897	8.1 High	Microsoft Exchange Server Spoofing Vulnerability Remote Low complexity	Microsoft	Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 14, Microsoft Exchange Server 2019 Cumulative Update 15, Microsoft Exchange Server Subscription Edition RTM	1 day ago
CVE-2026-42208	9.3 Critical	LiteLLM: SQL injection in Proxy API key verification Remote Low complexity No user interaction	BerriAI	litellm	1 day ago
CVE-2026-6973	7.2 High	An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated... Remote Low complexity No user interaction	Ivanti	Endpoint Manager Mobile	1 day ago
CVE-2026-44742	7.2 High	Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May... Remote Low complexity No user interaction	Postorius project	Postorius	1 day ago
CVE-2026-0300	9.3 Critical	PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal Remote Low complexity No user interaction	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	1 day ago
CVE-2026-31431	7.8 High	crypto: algif_aead - Revert to operating out-of-place Low complexity No user interaction	Linux	Linux	1 day ago
CVE-2026-41940	9.3 Critical	WebPros cPanel and WHM Authentication Bypass via Login Flow Malware Remote Low complexity No user interaction	WebPros	cPanel, WP Squared, WHM	1 day ago
CVE-2026-32202	4.3 Medium	Windows Shell Spoofing Vulnerability Remote Low complexity	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	1 day ago
CVE-2024-1708	8.4 High	Improper limitation of a pathname to a restricted directory (“path traversal”) Malware Remote Low complexity	ConnectWise	ScreenConnect	1 day ago
CVE-2025-29635	7.2 High	A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote... Remote Low complexity No user interaction	D-Link	DIR-823X	1 day ago
CVE-2024-7399	8.8 High	Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to... Remote Low complexity No user interaction	Samsung Electronics	MagicINFO 9 Server	1 day ago
CVE-2024-57728	7.2 High	SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a... Malware Remote Low complexity No user interaction	SimpleHelp	SimpleHelp remote support software	1 day ago
CVE-2024-57726	9.9 Critical	SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive... Malware Remote Low complexity No user interaction	SimpleHelp	SimpleHelp remote support software	1 day ago

Displaying vulnerabilities 1 - 25 of 2499 in total