Known Exploited Vulnerabilities

Focus on What Matters

There are 349,612 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2026-20133	A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected...	Cisco	Cisco Catalyst SD-WAN Manager	2026-06-01 13:22:22 UTC	CVE
CVE-2026-20128	Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability	Cisco	Cisco Catalyst SD-WAN Manager	2026-06-01 13:22:22 UTC	CVE
CVE-2026-20122	Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability	Cisco	Cisco Catalyst SD-WAN Manager	2026-06-01 13:22:22 UTC	CVE
CVE-2025-48700	An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra...	n/a	n/a	2026-06-01 13:22:22 UTC	CVE
CVE-2025-32975	Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch...	n/a	n/a	2026-06-01 13:22:22 UTC	CVE
CVE-2025-2749	Kentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCE	Kentico	Xperience	2026-06-01 13:22:22 UTC	CVE
CVE-2023-27351	This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication...	PaperCut	NG	2026-06-01 13:22:22 UTC	CVE
CVE-2026-34197	Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans	Apache Software Foundation	Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ	2026-06-01 13:07:29 UTC	CVE
CVE-2026-32201	Microsoft SharePoint Server Spoofing Vulnerability	Microsoft	Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition	2026-06-01 13:07:19 UTC	CVE
CVE-2026-34621	Acrobat Reader \| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)	Adobe	Acrobat Reader	2026-06-01 13:07:13 UTC	CVE
CVE-2026-21643	An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an...	Fortinet	FortiClientEMS	2026-06-01 13:07:11 UTC	CVE
CVE-2025-60710	Host Process for Windows Tasks Elevation of Privilege Vulnerability	Microsoft	Windows 11 Version 24H2, Windows 11 Version 25H2, Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 13:07:10 UTC	CVE
CVE-2023-36424	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Microsoft	Windows 11 version 22H3, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 23H2, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2026-06-01 13:07:10 UTC	CVE
CVE-2023-21529	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 23	2026-06-01 13:07:10 UTC	CVE
CVE-2020-9715	Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an...	Adobe	Adobe Acrobat and Reader	2026-06-01 13:07:09 UTC	CVE
CVE-2026-1340	A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.	Ivanti	Endpoint Manager Mobile	2026-06-01 13:06:56 UTC	CVE
CVE-2026-35616	A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute...	Fortinet	FortiClientEMS	2026-06-01 12:43:11 UTC	CVE
CVE-2026-3502	TrueConf Client Update Integrity Verification Bypass	TrueConf	TrueConf Client	2026-06-01 12:42:57 UTC	CVE
CVE-2026-5281	Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute...	Google	Chrome	2026-06-01 12:42:47 UTC	CVE
CVE-2026-3055	Insufficient input validation leading to memory overread	NetScaler	ADC, Gateway	2026-06-01 12:26:24 UTC	CVE
CVE-2025-53521	BigIP APM Vulnerability	F5	BIG-IP	2026-06-01 12:26:16 UTC	CVE
CVE-2026-33634	Trivy ecosystem supply chain briefly compromised	aquasecurity, BerriAI, team-telnyx	setup-trivy, trivy-action, trivy, LiteLLM, telnyx	2026-06-01 12:26:13 UTC	CVE
CVE-2026-33017	Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint	langflow-ai	langflow	2026-06-01 12:26:07 UTC	CVE
CVE-2025-54068	Livewire vulnerable to remote command execution during property update hydration	livewire	livewire	2026-06-01 12:25:49 UTC	CVE
CVE-2025-43520	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS...	Apple	iOS and iPadOS, macOS, tvOS, visionOS, watchOS	2026-06-01 12:25:49 UTC	CVE

Displaying vulnerabilities 26 - 50 of 3822 in total