Known Exploited Vulnerabilities

Focus on What Matters

There are 349,949 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2025-6543	Memory overflow vulnerability leading to unintended control flow and Denial of Service	NetScaler	ADC, Gateway	2026-06-01 10:36:14 UTC	CVE
CVE-2025-48925	The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the...	TeleMessage	service	2026-06-01 10:34:46 UTC	CVE
CVE-2024-0769	D-Link DIR-859 HTTP POST Request hedwig.cgi path traversal	D-Link	DIR-859	2026-06-01 10:34:26 UTC	CVE
CVE-2025-52572	Hikka vulnerable to RCE through dangling web interface	hikariatama	Hikka	2026-06-01 10:34:16 UTC	CVE
CVE-2025-34037	Linksys Routers E/WAG/WAP/WES/WET/WRT-Series	Linksys	E4200, E3200, E3000, E2500 v1/v2, E2100L v1, E2000, E1550, E1500 v1, E1200 v1, E1000 v1, E900 v1	2026-06-01 10:34:09 UTC	CVE
CVE-2024-54085	Redfish Authentication Bypass	AMI	MegaRAC-SPx	2026-06-01 10:34:02 UTC	CVE
CVE-2019-6693	Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup...	Fortinet	FortiGate	2026-06-01 10:33:55 UTC	CVE
CVE-2023-0386	A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux...	n/a	Kernel	2026-06-01 10:33:20 UTC	CVE
CVE-2025-43200	This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and...	Apple	iOS and iPadOS, iPadOS, macOS, visionOS, watchOS	2026-06-01 10:33:11 UTC	CVE
CVE-2023-33538	TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component...	n/a	n/a	2026-06-01 10:33:02 UTC	CVE
CVE-2025-33053	Internet Shortcut Files Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1507, Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:32:38 UTC	CVE
CVE-2025-24016	Remote code execution in Wazuh server	wazuh	wazuh	2026-06-01 10:32:30 UTC	CVE
CVE-2025-32433	Erlang/OTP SSH Vulnerable to Pre-Authentication RCE	erlang	otp	2026-06-01 10:32:20 UTC	CVE
CVE-2024-42009	A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a...	n/a	n/a	2026-06-01 10:32:11 UTC	CVE
CVE-2025-5419	Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a...	Google	Chrome	2026-06-01 10:31:54 UTC	CVE
CVE-2025-27038	Use After Free in Graphics	Qualcomm, Inc.	Snapdragon	2026-06-01 10:31:39 UTC	CVE
CVE-2025-21480	Incorrect Authorization in Graphics Windows	Qualcomm, Inc.	Snapdragon	2026-06-01 10:31:32 UTC	CVE
CVE-2025-21479	Incorrect Authorization in Graphics	Qualcomm, Inc.	Snapdragon	2026-06-01 10:31:25 UTC	CVE
CVE-2025-3935	ScreenConnect Exposure to ASP.NET ViewState Code Injection	ConnectWise	ScreenConnect	2026-06-01 10:31:13 UTC	CVE
CVE-2025-35939	Craft CMS stores user-provided content in session files	Craft	CMS	2026-06-01 10:31:06 UTC	CVE
CVE-2024-56145	RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms	craftcms	cms	2026-06-01 10:30:59 UTC	CVE
CVE-2023-39780	On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist...	ASUS	RT-AX55	2026-06-01 10:29:36 UTC	CVE
CVE-2026-20182	Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability	Cisco	Cisco Catalyst SD-WAN Manager	2026-06-01 10:28:27 UTC	CVE
CVE-2026-0257	PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2026-06-01 10:28:20 UTC	CVE
CVE-2026-8398	A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434),...	AVB Disc Soft	DAEMON Tools Lite	2026-06-01 10:28:09 UTC	CVE

Displaying vulnerabilities 251 - 275 of 3822 in total