KEVIntel

Known Exploited Vulnerabilities

Curated + enriched signals for rapid prioritization

{ } JSON RSS PRO

0.7%

actively
exploited

Focus on what’s exploited

Out of 350,016 known CVEs, only 0.7% show real-world exploitation signals.

Data from public sources (including CISA) plus private sensors, enriched with prioritization metadata.

View stats Report a KEV

2,499

Total Known exploited

280

Added this week

Search

Results update as you type.

⌘K

Added

Exploitability

Type to search. Filters apply instantly.

CVE	Severity	Title	Vendor	Product	Added
CVE-2024-6047	9.8 Critical	GeoVision EOL device - OS Command Injection Remote Low complexity No user interaction	GeoVision	GV_DSP_LPR_V2, GV_IPCAMD_GV_BX1500, GV_IPCAMD_GV_CB220, GV_IPCAMD_GV_EBL1100, GV_IPCAMD_GV_EFD1100, GV_IPCAMD_GV_FD2410, GV_IPCAMD_GV_FD3400, GV_IPCAMD_GV_FE3401, GV_IPCAMD_GV_FE420, GV-VS14_VS14, GV_VS03, GV_VS2410, GV_VS28XX, GV_VS216XX, GV VS04A, GV VS04H, GVLX 4 V2, GVLX 4 V3, GV_IPCAMD_GV_BX130, GV_GM8186_VS14	about 1 year ago
CVE-2024-11120	9.8 Critical	GeoVision EOL devices - OS Command Injection Remote Low complexity No user interaction	GeoVision	GV-VS12, GV-VS11, GV-DSP_LPR_V3, GVLX 4 V2, GVLX 4 V3	about 1 year ago
CVE-2025-27363	8.1 High	An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font... Remote No user interaction	FreeType	FreeType	about 1 year ago
CVE-2024-58136	9.0 Critical	Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the... Remote No user interaction	yiiframework	Yii	about 1 year ago
CVE-2025-34028	9.3 Critical	Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path Traversal Remote Low complexity No user interaction	Commvault	Command Center Innovation Release	about 1 year ago
CVE-2025-3248	9.8 Critical	Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code Remote Low complexity No user interaction	langflow-ai	langflow	about 1 year ago
CVE-2017-9844	7.5 High	SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized... Remote Low complexity No user interaction	SAP	NetWeaver	about 1 year ago
CVE-2023-44221	7.2 High	Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative... Remote Low complexity No user interaction	SonicWall	SMA100	about 1 year ago
CVE-2024-38475	9.1 Critical	Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. Remote Low complexity No user interaction	Apache Software Foundation	Apache HTTP Server	about 1 year ago
CVE-2025-3928	8.7 High	Commvault Web Server unspecified vulnerability Remote Low complexity No user interaction	Commvault	Web Server	about 1 year ago
CVE-2025-31324	10.0 Critical	Missing Authorization check in SAP NetWeaver (Visual Composer development server) Remote Low complexity No user interaction	SAP_SE	SAP NetWeaver (Visual Composer development server)	about 1 year ago
CVE-2022-22274	9.8 Critical	A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service... Remote Low complexity No user interaction	SonicWall	SonicOS	about 1 year ago
CVE-2016-10372	9.8 Critical	The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547,... Remote Low complexity No user interaction	Eir	D1000 modem	about 1 year ago
CVE-2019-12780	9.8 Critical	The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A... Remote Low complexity No user interaction	Belkin	Wemo Enabled Crock-Pot	about 1 year ago
CVE-2023-26801	9.8 Critical	LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command... Remote Low complexity No user interaction	LB-LINK	BL-AC1900_2.0, BL-WR9000, BL-X26, BL-LTE300	about 1 year ago
CVE-2023-24488	6.1 Medium	Cross site scripting Remote Low complexity	Citrix	Citrix ADC and Citrix Gateway	about 1 year ago
CVE-2024-3721	6.3 Medium	TBK DVR-4104/DVR-4216 os command injection Remote Low complexity No user interaction	TBK	DVR-4104, DVR-4216	about 1 year ago
CVE-2023-38646	9.8 Critical	Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the... Remote Low complexity No user interaction	Metabase	Metabase	about 1 year ago
CVE-2025-2825	—	No title available			about 1 year ago
CVE-2023-0656	7.5 High	A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could... Remote Low complexity No user interaction	SonicWall	SonicOS	about 1 year ago
CVE-2021-27850	9.8 Critical	Bypass of the fix for CVE-2019-0195 Remote Low complexity No user interaction	Apache Software Foundation	Apache Tapestry	about 1 year ago
CVE-2021-25003	9.8 Critical	WPCargo < 6.9.0 - Unauthenticated RCE Remote Low complexity No user interaction	Unknown	WPCargo Track & Trace	about 1 year ago
CVE-2021-25899	7.5 High	An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform... Remote Low complexity No user interaction	Void	Aural Rec Monitor	about 1 year ago
CVE-2021-26295	9.8 Critical	RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI Remote Low complexity No user interaction	Apache Software Foundation	Apache OFBiz	about 1 year ago
CVE-2021-4191	5.3 Medium	An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with... Remote Low complexity No user interaction	GitLab	GitLab	about 1 year ago

Displaying vulnerabilities 876 - 900 of 2499 in total