Known Exploited Vulnerabilities

Focus on What Matters

There are 349,612 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2026-22769	Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as...	Dell	RecoverPoint for Virtual Machines	2026-06-01 10:59:33 UTC	CVE
CVE-2021-22175	When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions...	GitLab	GitLab	2026-06-01 10:59:30 UTC	CVE
CVE-2026-2441	Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...	Google	Chrome	2026-06-01 10:57:11 UTC	CVE
CVE-2024-7694	TeamT5 ThreatSonar Anti-Ransomware - Arbitrary File Upload	TeamT5	ThreatSonar Anti-Ransomware	2026-06-01 10:57:09 UTC	CVE
CVE-2020-7796	Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.	n/a	n/a	2026-06-01 10:57:09 UTC	CVE
CVE-2026-1731	Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)	BeyondTrust	Remote Support(RS) & Privileged Remote Access(PRA)	2026-06-01 10:51:06 UTC	CVE
CVE-2025-40536	SolarWinds Web Help Desk Security Control Bypass Vulnerability	SolarWinds	Web Help Desk	2026-06-01 10:50:56 UTC	CVE
CVE-2025-15556	Notepad++ < 8.8.9 WinGUp Updater Lacks Update Integrity Verification	notepad-plus-plus	notepad-plus-plus	2026-06-01 10:50:56 UTC	CVE
CVE-2024-43468	Microsoft Configuration Manager Remote Code Execution Vulnerability	Microsoft	Microsoft Configuration Manager	2026-06-01 10:50:56 UTC	CVE
CVE-2026-20700	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS...	Apple	iOS and iPadOS, macOS, tvOS, visionOS, watchOS	2026-06-01 10:50:52 UTC	CVE
CVE-2026-21533	Windows Remote Desktop Services Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows 11 Version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:50:47 UTC	CVE
CVE-2026-21525	Windows Remote Access Connection Manager Denial of Service Vulnerability	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows 11 Version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:50:47 UTC	CVE
CVE-2026-21519	Desktop Window Manager Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows 11 Version 26H1, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:50:47 UTC	CVE
CVE-2026-21514	Microsoft Word Security Feature Bypass Vulnerability	Microsoft	Microsoft 365 Apps for Enterprise, Microsoft Office LTSC 2021, Microsoft Office LTSC 2024, Microsoft Office LTSC for Mac 2021, Microsoft Office LTSC for Mac 2024	2026-06-01 10:50:47 UTC	CVE
CVE-2026-21513	MSHTML Framework Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows 11 Version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:50:47 UTC	CVE
CVE-2026-21510	Windows Shell Security Feature Bypass Vulnerability	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows 11 Version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:50:47 UTC	CVE
CVE-2026-25815	Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from...	Fortinet	FortiOS	2026-06-01 10:50:28 UTC	CVE
CVE-2026-24423	SmarterTools SmarterMail < Build 9511 Unauthenticated RCE via ConnectToHub API	SmarterTools	SmarterMail	2026-06-01 10:50:28 UTC	CVE
CVE-2025-11953	Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests			2026-06-01 10:50:27 UTC	CVE
CVE-2025-64328	FreePBX Administration GUI is Vulnerable to Authenticated Command Injection	FreePBX	filestore	2026-06-01 10:50:19 UTC	CVE
CVE-2025-40551	SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability	SolarWinds	Web Help Desk	2026-06-01 10:50:18 UTC	CVE
CVE-2021-39935	An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before...	GitLab	GitLab	2026-06-01 10:50:18 UTC	CVE
CVE-2019-19006	Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.	n/a	n/a	2026-06-01 10:50:17 UTC	CVE
CVE-2026-25137	NixOs Odoo database and filestore publicly accessible with default odoo configuration	NixOS	nixpkgs	2026-06-01 10:50:15 UTC	CVE
CVE-2026-1281	A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.	Ivanti	Endpoint Manager Mobile	2026-06-01 10:50:03 UTC	CVE

Displaying vulnerabilities 76 - 100 of 3822 in total