KEVIntel

Known Exploited Vulnerabilities

Focus on What Matters

There are 298,512 vulnerabilities in the CVE database. Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

0.6% Exploited

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID Vendor Source
CVE-2020-13638 rConfig The Shadowserver (via CIRCL)
CVE-2014-2321 ZTE The Shadowserver (via CIRCL)
CVE-2022-0952 click5 The Shadowserver (via CIRCL)
CVE-2021-33544 Geutebrück The Shadowserver (via CIRCL)
CVE-2020-11991 Apache Software Foundation The Shadowserver (via CIRCL)
CVE-2024-8181 FlowiseAI The Shadowserver (via CIRCL)
CVE-2022-29153 HashiCorp The Shadowserver (via CIRCL)
CVE-2017-1000170 jqueryFileTree The Shadowserver (via CIRCL)
CVE-2023-31465 FSMLabs The Shadowserver (via CIRCL)
CVE-2023-46574 TOTOLINK The Shadowserver (via CIRCL)
CVE-2023-41109 Patton LLC The Shadowserver (via CIRCL)
CVE-2023-34659 JEECG The Shadowserver (via CIRCL)
CVE-2018-19276 OpenMRS The Shadowserver (via CIRCL)
CVE-2018-2894 Oracle Corporation The Shadowserver (via CIRCL)
CVE-2024-1708 ConnectWise TheHackerNews
CVE-2024-56145 craftcms TrendMicro
CVE-2024-9047 nickboss TrendMicro
CVE-2022-1952 Syntactics, Inc. The Shadowserver (via CIRCL)
CVE-2023-2648 Weaver The Shadowserver (via CIRCL)
CVE-2020-29597 IncomCMS The Shadowserver (via CIRCL)
CVE-2025-48930 TeleMessage CVE
CVE-2025-48929 TeleMessage CVE
CVE-2025-48928 TeleMessage CVE
CVE-2025-48927 TeleMessage CVE
CVE-2025-48926 TeleMessage CVE
Displaying vulnerabilities 51 - 75 of 1864 in total