Known Exploited Vulnerabilities

Focus on What Matters

There are 304,048 vulnerabilities in the CVE database.
Whilst only 0.7% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2019-9874	Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2...	Sitecore	CMS	2025-03-26 00:00:00 UTC	CISA
CVE-2019-9875	Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by...	Sitecore	Sitecore CMS	2025-03-26 00:00:00 UTC	CISA
CVE-2025-30154	Multiple Reviewdog actions were compromised during a specific time period	reviewdog	reviewdog	2025-03-24 00:00:00 UTC	CISA
CVE-2025-30349	Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted...	Horde	IMP	2025-03-21 00:00:00 UTC	CVE
CVE-2025-30259	The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and...	Meta	WhatsApp cloud service	2025-03-20 00:00:00 UTC	CVE
CVE-2025-1316	Edimax IC-7100 IP Camera OS Command Injection	Edimax	IC-7100 IP Camera	2025-03-19 00:00:00 UTC	CISA
CVE-2024-48248	NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead...	NAKIVO	Backup & Replication Director	2025-03-19 00:00:00 UTC	CISA
CVE-2017-12637	Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote...	SAP	NetWeaver Application Server Java	2025-03-19 00:00:00 UTC	CISA
CVE-2025-24472	An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy...	Fortinet	FortiProxy, FortiOS	2025-03-18 00:00:00 UTC	CISA
CVE-2025-30066	tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected...	tj-actions	changed-files	2025-03-18 00:00:00 UTC	CISA
CVE-2025-21590	Junos OS: An local attacker with shell access can execute arbitrary code	Juniper Networks	Junos OS	2025-03-13 00:00:00 UTC	CISA
CVE-2025-24201	An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2...	Apple	iOS and iPadOS, macOS, visionOS, Safari, watchOS, iPadOS	2025-03-13 00:00:00 UTC	CISA
CVE-2025-27363	An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font...	FreeType	FreeType	2025-03-11 00:00:00 UTC	CVE
CVE-2025-24983	Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA
CVE-2025-24984	Windows NTFS Information Disclosure Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA
CVE-2025-24985	Windows Fast FAT File System Driver Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA
CVE-2025-24991	Windows NTFS Information Disclosure Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA
CVE-2025-26633	Microsoft Management Console Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA
CVE-2025-24993	Windows NTFS Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2025-03-11 00:00:00 UTC	CISA
CVE-2024-57968	Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during...	Advantive	VeraCore	2025-03-10 00:00:00 UTC	CISA
CVE-2024-13159	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote...	Ivanti	Endpoint Manager	2025-03-10 00:00:00 UTC	CISA
CVE-2025-25181	A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL...	Advantive	VeraCore	2025-03-10 00:00:00 UTC	CISA
CVE-2024-13160	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote...	Ivanti	Endpoint Manager	2025-03-10 00:00:00 UTC	CISA
CVE-2024-13161	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote...	Ivanti	Endpoint Manager	2025-03-10 00:00:00 UTC	CISA
CVE-2025-22226	VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious...	n/a	ESXi, VMware Workstation, VMware Fusion, VMware Cloud Foundation, VMware Telco Cloud Platform, VMware Telco Cloud Infrastructure	2025-03-04 00:00:00 UTC	CISA

Displaying vulnerabilities 476 - 500 of 2008 in total