Known Exploited Vulnerabilities

Focus on What Matters

There are 297,566 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2022-49703	scsi: ibmvfc: Store vhost pointer during subcrq allocation	Linux	Linux	2025-02-26 02:24:22 UTC	CVE
CVE-2022-49353	powerpc/papr_scm: don't requests stats with '0' sized stats buffer	Linux	Linux	2025-02-26 02:11:04 UTC	CVE
CVE-2022-49201	ibmvnic: fix race between xmit and reset	Linux	Linux	2025-02-26 01:55:43 UTC	CVE
CVE-2022-49198	mptcp: Fix crash due to tcp_tsorted_anchor was initialized before release skb	Linux	Linux	2025-02-26 01:55:41 UTC	CVE
CVE-2023-34192	Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to...	n/a	n/a	2025-02-25 00:00:00 UTC	CISA
CVE-2024-49035	Partner.Microsoft.Com Elevation of Privilege Vulnerability	Microsoft	Microsoft Partner Center	2025-02-25 00:00:00 UTC	CISA
CVE-2017-3066	Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization...	Adobe	Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier	2025-02-24 00:00:00 UTC	CISA
CVE-2024-20953	Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily...	Oracle Corporation	Agile PLM Framework	2025-02-24 00:00:00 UTC	CISA
CVE-2025-24989	Microsoft Power Pages Elevation of Privilege Vulnerability	Microsoft	Microsoft Power Pages	2025-02-21 00:00:00 UTC	CISA
CVE-2025-0111	PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2025-02-20 00:00:00 UTC	CISA
CVE-2025-23209	Potential RCE with a compromised security key in craft/cms	craftcms	cms	2025-02-20 00:00:00 UTC	CISA
CVE-2024-53704	An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.	SonicWall	SonicOS	2025-02-18 00:00:00 UTC	CISA
CVE-2025-0108	PAN-OS: Authentication Bypass in the Management Web Interface	Palo Alto Networks	Cloud NGFW, PAN-OS, Prisma Access	2025-02-18 00:00:00 UTC	CISA
CVE-2024-57727	SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote...	n/a	n/a	2025-02-13 00:00:00 UTC	CISA
CVE-2024-41710	A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1...	n/a	n/a	2025-02-12 00:00:00 UTC	CISA
CVE-2025-24200	An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical...	Apple	iPadOS, iOS and iPadOS	2025-02-12 00:00:00 UTC	CISA
CVE-2025-21391	Windows Storage Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation)	2025-02-11 00:00:00 UTC	CISA
CVE-2025-21418	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-02-11 00:00:00 UTC	CISA
CVE-2024-40890	A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A...	Zyxel	VMG4325-B10A firmware	2025-02-11 00:00:00 UTC	CISA
CVE-2024-40891	A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel...	Zyxel	VMG4325-B10A firmware	2025-02-11 00:00:00 UTC	CISA
CVE-2025-0994	Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization...	Trimble	Cityworks, Cityworks (with office companion)	2025-02-07 00:00:00 UTC	CISA
CVE-2020-15069	Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless...	n/a	n/a	2025-02-06 00:00:00 UTC	CISA
CVE-2025-0411	7-Zip Mark-of-the-Web Bypass Vulnerability	7-Zip	7-Zip	2025-02-06 00:00:00 UTC	CISA
CVE-2022-23748	mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what...	n/a	Audinate Dante Application Library for Windows	2025-02-06 00:00:00 UTC	CISA
CVE-2024-21413	Microsoft Outlook Remote Code Execution Vulnerability	Microsoft	Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Office LTSC 2021, Microsoft Office 2016	2025-02-06 00:00:00 UTC	CISA

Displaying vulnerabilities 351 - 375 of 1850 in total