KEVIntel

Known Exploited Vulnerabilities

Focus on What Matters

There are 303,054 vulnerabilities in the CVE database. Whilst only 0.7% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

0.7% Exploited

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID Vendor Source
CVE-2024-2389 Progress Software The Shadowserver (via CIRCL)
CVE-2024-22319 IBM The Shadowserver (via CIRCL)
CVE-2020-12720 vBulletin The Shadowserver (via CIRCL)
CVE-2020-24589 WSO2 The Shadowserver (via CIRCL)
CVE-2024-0769 D-Link CISA
CVE-2025-6543 NetScaler TheHackerNews
CVE-2025-26319 FlowiseAI The Shadowserver (via CIRCL)
CVE-2025-27112 navidrome The Shadowserver (via CIRCL)
CVE-2025-2777 SysAid The Shadowserver (via CIRCL)
CVE-2025-26793 Hirsch The Shadowserver (via CIRCL)
CVE-2025-2775 SysAid The Shadowserver (via CIRCL)
CVE-2025-2776 SysAid The Shadowserver (via CIRCL)
CVE-2025-2294 extendthemes The Shadowserver (via CIRCL)
CVE-2025-52572 hikariatama CVE
CVE-2024-54085 AMI CVE
CVE-2019-6693 Fortinet CVE
CVE-2025-34037 Linksys CVE
CVE-2018-0127 Cisco The Shadowserver (via CIRCL)
CVE-2021-41293 ECOA The Shadowserver (via CIRCL)
CVE-2025-0868 Arc53 The Shadowserver (via CIRCL)
CVE-2020-11455 LimeSurvey The Shadowserver (via CIRCL)
CVE-2018-14912 CGit The Shadowserver (via CIRCL)
CVE-2018-11222 Artica The Shadowserver (via CIRCL)
CVE-2025-4322 StylemixThemes Wordfence
CVE-2024-7120 Raisecom The Shadowserver (via CIRCL)
Displaying vulnerabilities 101 - 125 of 1982 in total