Known Exploited Vulnerabilities

Focus on What Matters

There are 297,489 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2017-14135	enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute...	Dream Multimedia	webadmin plugin	2025-05-16 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2022-0867	ARPrice Lite < 3.6.1 - Unauthenticated SQLi	reputeinfosystems	Pricing Table Plugin	2025-05-16 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-12987	DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupload os command injection	DrayTek	Vigor2960, Vigor300B	2025-05-15 18:00:21 UTC	CISA
CVE-2025-4664	Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a...	Google	Chrome	2025-05-15 11:15:14 UTC	CyberInsider
CVE-2024-48307	JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData.	n/a	n/a	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-28734	Cross Site Scripting vulnerability in Unit4 Financials by Coda prior to 2023Q4 allows a remote attacker to run arbitrary code via a crafted GET...	n/a	n/a	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-2330	Netentsec NS-ASG Application Security Gateway index.php sql injection	Netentsec	NS-ASG Application Security Gateway	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-48455	An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327...	Netis	Wifi6 Router	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-57049	A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized individuals to bypass the...	n/a	n/a	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-45388	Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)	SpectoLabs	hoverfly	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-1698	The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to...	wpdevteam	NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-27956	WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary SQL Execution vulnerability	ValvePress	Automatic	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-39713	A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.	Rocket.Chat	Rocket.Chat	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-45507	Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE	Apache Software Foundation	Apache OFBiz	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-6188	Parsec Automation TrackSYS pagedefinition direct request	Parsec Automation	TrackSYS	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-10081	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass...	Ericsson	CodeChecker	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-29973	The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before...	Zyxel	NAS326 firmware, NAS542 firmware	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-31750	SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information via the req_id parameter.	n/a	n/a	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-38514	NextChat Server-Side Request Forgery (SSRF)	ChatGPTNextWeb	ChatGPT-Next-Web	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-28255	Authentication Bypass in OpenMetadata	open-metadata	OpenMetadata	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-37032	Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the...	Ollama	Ollama	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-38289	A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote...	n/a	n/a	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-25852	Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control...	Linksys	RE7000	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2023-5148	D-Link DAR-7000/DAR-8000 uploadfile.php unrestricted upload	D-Link	DAR-7000, DAR-8000	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)
CVE-2024-34257	TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary...	TOTOLINK	EX1800T	2025-05-15 00:00:00 UTC	The Shadowserver (via CIRCL)

Displaying vulnerabilities 101 - 125 of 1850 in total