Known Exploited Vulnerabilities

Focus on What Matters

There are 297,520 vulnerabilities in the CVE database.
Whilst only 0.6% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2021-27065	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2019, Microsoft Exchange Server 2013 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 2, Microsoft Exchange Server 2016 Cumulative Update 13, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 5, Microsoft Exchange Server 2019 Cumulative Update 6, Microsoft Exchange Server 2016 Cumulative Update 16, Microsoft Exchange Server 2016 Cumulative Update 17, Microsoft Exchange Server 2019 Cumulative Update 7, Microsoft Exchange Server 2016 Cumulative Update 18, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2013 Cumulative Update 21, Microsoft Exchange Server 2016 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 8, Microsoft Exchange Server 2019 Cumulative Update 1, Microsoft Exchange Server 2016 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 10, Microsoft Exchange Server 2016 Cumulative Update 11	2021-11-03 00:00:00 UTC	CISA
CVE-2021-26858	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2019, Microsoft Exchange Server 2013 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 2, Microsoft Exchange Server 2016 Cumulative Update 13, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 5, Microsoft Exchange Server 2019 Cumulative Update 6, Microsoft Exchange Server 2016 Cumulative Update 16, Microsoft Exchange Server 2016 Cumulative Update 17, Microsoft Exchange Server 2019 Cumulative Update 7, Microsoft Exchange Server 2016 Cumulative Update 18, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8, Microsoft Exchange Server 2013 Cumulative Update 21, Microsoft Exchange Server 2016 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 8, Microsoft Exchange Server 2019 Cumulative Update 1, Microsoft Exchange Server 2016 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 10, Microsoft Exchange Server 2016 Cumulative Update 11	2021-11-03 00:00:00 UTC	CISA
CVE-2021-26855	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft	Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8, Microsoft Exchange Server 2019, Microsoft Exchange Server 2013 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 2, Microsoft Exchange Server 2016 Cumulative Update 13, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 5, Microsoft Exchange Server 2019 Cumulative Update 6, Microsoft Exchange Server 2016 Cumulative Update 16, Microsoft Exchange Server 2016 Cumulative Update 17, Microsoft Exchange Server 2019 Cumulative Update 7, Microsoft Exchange Server 2016 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 21, Microsoft Exchange Server 2016 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 8, Microsoft Exchange Server 2019 Cumulative Update 1, Microsoft Exchange Server 2016 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 10, Microsoft Exchange Server 2016 Cumulative Update 11	2021-11-03 00:00:00 UTC	CISA
CVE-2020-1472	Netlogon Elevation of Privilege Vulnerability	Microsoft	Windows Server version 2004, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server, version 1909 (Server Core installation), Windows Server, version 1903 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server version 20H2	2021-11-03 00:00:00 UTC	CISA
CVE-2020-0968	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...	Microsoft	Internet Explorer 9, Internet Explorer 11, Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 11 on Windows Server 2012	2021-11-03 00:00:00 UTC	CISA
CVE-2017-11774	Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft...	Microsoft	Microsoft Outlook	2021-11-03 00:00:00 UTC	CISA
CVE-2019-1429	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...	Microsoft	Internet Explorer 9, Internet Explorer 11, Internet Explorer 11 on Windows Server 2012, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 10	2021-11-03 00:00:00 UTC	CISA
CVE-2020-1380	Scripting Engine Memory Corruption Vulnerability	Microsoft	Internet Explorer 11	2021-11-03 00:00:00 UTC	CISA
CVE-2017-0199	Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server...	Microsoft	Office/WordPad	2021-11-03 00:00:00 UTC	CISA
CVE-2019-1367	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...	Microsoft	Internet Explorer 9, Internet Explorer 11, Internet Explorer 11 on Windows Server 2012, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 10	2021-11-03 00:00:00 UTC	CISA
CVE-2021-27059	Microsoft Office Remote Code Execution Vulnerability	Microsoft	Microsoft Office 2016, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1	2021-11-03 00:00:00 UTC	CISA
CVE-2020-0674	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...	Microsoft	Internet Explorer 10, Internet Explorer 11, Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems, Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems, Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems, Internet Explorer 11 on Windows Server 2012, Internet Explorer 9	2021-11-03 00:00:00 UTC	CISA
CVE-2017-11882	Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow...	Microsoft	Microsoft Office	2021-11-03 00:00:00 UTC	CISA
CVE-2019-0541	A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution...	Microsoft	Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office	2021-11-03 00:00:00 UTC	CISA
CVE-2021-27085	Internet Explorer Remote Code Execution Vulnerability	Microsoft	Internet Explorer 11	2021-11-03 00:00:00 UTC	CISA
CVE-2015-1641	Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word...	Microsoft	Word	2021-11-03 00:00:00 UTC	CISA
CVE-2012-0158	The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003...	Microsoft	Office	2021-11-03 00:00:00 UTC	CISA
CVE-2018-0802	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution...	Microsoft	Equation Editor	2021-11-03 00:00:00 UTC	CISA
CVE-2018-0798	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution...	Microsoft	Equation Editor	2021-11-03 00:00:00 UTC	CISA
CVE-2019-1215	An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege...	Microsoft	Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)	2021-11-03 00:00:00 UTC	CISA
CVE-2021-36942	Windows LSA Spoofing Vulnerability	Microsoft	Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server version 2004, Windows Server version 20H2, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2021-11-03 00:00:00 UTC	CISA
CVE-2019-0797	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k...	Microsoft	Windows Server, Windows	2021-11-03 00:00:00 UTC	CISA
CVE-2018-8653	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting...	Microsoft	Internet Explorer 9, Internet Explorer 11, Internet Explorer 10	2021-11-03 00:00:00 UTC	CISA
CVE-2017-8759	Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or...	Microsoft	Microsoft .NET Framework	2021-11-03 00:00:00 UTC	CISA
CVE-2021-40444	Microsoft MSHTML Remote Code Execution Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2021-11-03 00:00:00 UTC	CISA

Displaying vulnerabilities 1651 - 1675 of 1850 in total