Known Exploited Vulnerabilities

Focus on What Matters

There are 349,612 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2024-13991	Huijietong Cloud Video Platform fileDownload Arbitrary File Read	Huijietong	Cloud Video Platform	2026-06-01 10:43:25 UTC	CVE
CVE-2025-43027	A critical severity vulnerability has been identified in the ALPR Manager role of Security Center that could allow attackers to gain administrative...	Genetec Inc.	Genetec Security Center	2026-06-01 10:43:11 UTC	CVE
CVE-2025-41244	VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)	VMware	VCF operations, VMware tools, VMware Aria Operations, VMware Cloud Foundation, VMware Telco Cloud Platform, VMware Telco Cloud Infrastructure	2026-06-01 10:43:11 UTC	CVE
CVE-2023-7325	Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF	Anheng Information (Hangzhou DBAPP Security Information Technology Co., Ltd.)	Mingyu Operations and Maintenance Audit and Risk Control System	2026-06-01 10:43:10 UTC	CVE
CVE-2021-4461	Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass	Seeyon	Zhiyuan OA Web Application System	2026-06-01 10:43:10 UTC	CVE
CVE-2025-6205	Missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025	Dassault Systèmes	DELMIA Apriso	2026-06-01 10:43:05 UTC	CVE
CVE-2025-6204	Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025	Dassault Systèmes	DELMIA Apriso	2026-06-01 10:43:05 UTC	CVE
CVE-2025-59287	Windows Server Update Service (WSUS) Remote Code Execution Vulnerability	Microsoft	Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:42:54 UTC	CVE
CVE-2025-54236	Adobe Commerce \| Improper Input Validation (CWE-20)	Adobe	Adobe Commerce	2026-06-01 10:42:53 UTC	CVE
CVE-2025-61932	Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) improperly verifies the origin of incoming requests,...	MOTEX Inc.	Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA))	2026-06-01 10:42:47 UTC	CVE
CVE-2024-58274	Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01 allows execution of a command within $( ) in...	Hikvision	CSMP iSecure Center	2026-06-01 10:42:46 UTC	CVE
CVE-2023-53691	Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2023-06-25 allows file upload via /center/api/files directory...	Hikvision	CSMP iSecure Center	2026-06-01 10:42:45 UTC	CVE
CVE-2016-15048	AMTT HiBOS Command Injection RCE via server_ping.php	Anmei Century (Beijing) Technology Co., Ltd.	Hotel Broadband Operation System (HiBOS)	2026-06-01 10:42:45 UTC	CVE
CVE-2025-33073	Windows SMB Client Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1507, Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:42:30 UTC	CVE
CVE-2025-2747	Kentico Xperience <= 13.0.178 Staging Sync Server None Password Type Authentication Bypass	Kentico	Xperience	2026-06-01 10:42:30 UTC	CVE
CVE-2025-2746	Kentico Xperience <= 13.0.172 Staging Sync Server Digest Password Authentication Bypass	Kentico	Xperience	2026-06-01 10:42:30 UTC	CVE
CVE-2022-48503	The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5,...	Apple	macOS, tvOS, Safari, watchOS, iOS and iPadOS	2026-06-01 10:42:30 UTC	CVE
CVE-2018-25118	GeoVision Command Injection RCE via /PictureCatch.cgi	GeoVision Inc.	GV-BX1500, GV-MFD1501, GeoVision embedded IP devices	2026-06-01 10:42:30 UTC	CVE
CVE-2017-20207	Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection	Dan Coulter	Flickr Gallery	2026-06-01 10:42:26 UTC	CVE
CVE-2017-20206	Appointments <= 2.2.1 - Unauthenticated PHP Object Injection	wpmudev	Appointments	2026-06-01 10:42:26 UTC	CVE
CVE-2025-61884	Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are...	Oracle Corporation	Oracle Configurator	2026-06-01 10:42:20 UTC	CVE
CVE-2025-54253	Adobe Experience Manager \| Incorrect Authorization (CWE-863)	Adobe	Adobe Experience Manager	2026-06-01 10:42:16 UTC	CVE
CVE-2011-10033	WordPress Plugin is-human <= v1.4.2 Eval Injection RCE	is-human WordPress Plugin	is-human WordPress Plugin	2026-06-01 10:42:14 UTC	CVE
CVE-2025-6264	Velociraptor priviledge escalation via UpdateConfig artifact	Rapid7	Velociraptor	2026-06-01 10:42:11 UTC	CVE
CVE-2025-59230	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1507, Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:42:11 UTC	CVE

Displaying vulnerabilities 151 - 175 of 3822 in total