Known Exploited Vulnerabilities

Focus on What Matters

There are 349,612 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2026-24858	An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5,...	Fortinet	FortiOS, FortiManager, FortiAnalyzer, FortiProxy, FortiWeb	2026-06-01 10:49:56 UTC	CVE
CVE-2026-24061	telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.	GNU	Inetutils	2026-06-01 10:49:50 UTC	CVE
CVE-2026-23760	SmarterTools SmarterMail < Build 9511 Authentication Bypass via Password Reset API	SmarterTools	SmarterMail	2026-06-01 10:49:49 UTC	CVE
CVE-2026-21509	Microsoft Office Security Feature Bypass Vulnerability	Microsoft	Microsoft 365 Apps for Enterprise, Microsoft Office 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Office LTSC 2024	2026-06-01 10:49:49 UTC	CVE
CVE-2025-52691	Upload Arbitrary Files	SmarterTools	SmarterMail	2026-06-01 10:49:47 UTC	CVE
CVE-2018-14634	An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise...	The Linux Foundation	kernel	2026-06-01 10:49:47 UTC	CVE
CVE-2024-37079	vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to...	n/a	VMware vCenter Server, VMware Cloud Foundation	2026-06-01 10:49:38 UTC	CVE
CVE-2025-68645	A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper...	n/a	n/a	2026-06-01 10:49:33 UTC	CVE
CVE-2025-54313	eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package...	prettier	eslint-config-prettier	2026-06-01 10:49:32 UTC	CVE
CVE-2025-34026	Versa Concerto Actuator Authentication Bypass Information Leak	Versa	Concerto	2026-06-01 10:49:32 UTC	CVE
CVE-2025-31125	Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query	vitejs	vite	2026-06-01 10:49:32 UTC	CVE
CVE-2026-20045	Cisco Unified Communications Products Remote Code Execution Vulnerability	Cisco	Cisco Unified Communications Manager, Cisco Unified Communications Manager IM and Presence Service, Cisco Unity Connection	2026-06-01 10:49:29 UTC	CVE
CVE-2026-20805	Desktop Window Manager Information Disclosure Vulnerability	Microsoft	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:48:47 UTC	CVE
CVE-2025-70974	Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class,...	Alibaba	Fastjson	2026-06-01 10:48:34 UTC	CVE
CVE-2025-37164	A remote code execution issue exists in HPE OneView.	Hewlett Packard Enterprise (HPE)	HPE OneView	2026-06-01 10:48:30 UTC	CVE
CVE-2026-0625	D-Link DSL/DIR/DNS Authentication Bypass via DNS Configuration Endpoint	D-Link	DSL-2640B, DSL-2740R, DSL-2780B, DSL-526B, DSL-2640T, DSL-500, DSL-500G, DSL-502G, DIR-905L, DIR-600, DIR-608, DIR-610, DIR-611, DIR-615, DNS-320, DNS-325, DNS-345	2026-06-01 10:47:41 UTC	CVE
CVE-2025-14847	Zlib compressed protocol header length confusion may allow memory read	MongoDB Inc.	MongoDB Server	2026-06-01 10:47:16 UTC	CVE
CVE-2023-52163	Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no...	n/a	n/a	2026-06-01 10:46:47 UTC	CVE
CVE-2025-14733	WatchGuard Firebox iked Out of Bounds Write Vulnerability	WatchGuard	Fireware OS	2026-06-01 10:46:40 UTC	CVE
CVE-2025-40602	A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).	SonicWall	SMA1000	2026-06-01 10:46:36 UTC	CVE
CVE-2025-59374	"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced...	ASUS	live update	2026-06-01 10:46:31 UTC	CVE
CVE-2025-43529	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2...	Apple	Safari, iOS and iPadOS, macOS, tvOS, visionOS, watchOS	2026-06-01 10:46:30 UTC	CVE
CVE-2025-20393	Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability	Cisco	Cisco Secure Email, Cisco Secure Email and Web Manager	2026-06-01 10:46:29 UTC	CVE
CVE-2025-59718	A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS...	Fortinet	FortiSwitchManager, FortiOS, FortiProxy	2026-06-01 10:46:24 UTC	CVE
CVE-2025-14611	Gladinet CentreStack and TrioFox Hard Coded AES Keys	Gladinet	CentreStack and TrioFox	2026-06-01 10:46:18 UTC	CVE

Displaying vulnerabilities 101 - 125 of 3822 in total