Known Exploited Vulnerabilities

Focus on What Matters

There are 349,612 vulnerabilities in the CVE database.
Whilst only 1.1% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

Aware of a KEV not on the list? Let us know!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2025-47827	In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a...	n/a	n/a	2026-06-01 10:42:10 UTC	CVE
CVE-2025-24990	Windows Agere Modem Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1507, Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	2026-06-01 10:42:09 UTC	CVE
CVE-2016-7836	SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the...	Sky Co., LTD.	SKYSEA Client View	2026-06-01 10:42:08 UTC	CVE
CVE-2021-43798	Grafana path traversal	grafana	grafana	2026-06-01 10:41:56 UTC	CVE
CVE-2025-27915	An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the...	n/a	n/a	2026-06-01 10:41:51 UTC	CVE
CVE-2025-61882	Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration). Supported versions...	Oracle Corporation	Oracle Concurrent Processing	2026-06-01 10:41:48 UTC	CVE
CVE-2021-43226	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Microsoft	Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)	2026-06-01 10:41:42 UTC	CVE
CVE-2021-22555	Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE	n/a	Linux Kernel	2026-06-01 10:41:42 UTC	CVE
CVE-2025-4008	Arbitrary Command Injection in Smartbedded MeteoBridge	Smartbedded	MeteoBridge	2026-06-01 10:41:37 UTC	CVE
CVE-2025-21043	Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.	Samsung Mobile	Samsung Mobile Devices	2026-06-01 10:41:37 UTC	CVE
CVE-2017-1000353	Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated...	n/a	n/a	2026-06-01 10:41:37 UTC	CVE
CVE-2015-7755	Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before...	n/a	n/a	2026-06-01 10:41:37 UTC	CVE
CVE-2014-6278	GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers...	n/a	n/a	2026-06-01 10:41:37 UTC	CVE
CVE-2025-59689	Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in...	Libraesva	Email Security Gateway	2026-06-01 10:41:17 UTC	CVE
CVE-2025-32463	Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot...	Sudo project	Sudo	2026-06-01 10:41:17 UTC	CVE
CVE-2025-20352	A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the...	Cisco	IOS, Cisco IOS XE Software, Cisco IOS XE Catalyst SD-WAN	2026-06-01 10:41:17 UTC	CVE
CVE-2025-10035	Deserialization Vulnerability in GoAnywhere MFT's License Servlet	Fortra	GoAnywhere MFT	2026-06-01 10:41:16 UTC	CVE
CVE-2021-21311	SSRF in adminer	vrana	adminer	2026-06-01 10:41:16 UTC	CVE
CVE-2025-20362	Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD...	Cisco	Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software	2026-06-01 10:41:10 UTC	CVE
CVE-2025-20333	A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense...	Cisco	Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software	2026-06-01 10:41:10 UTC	CVE
CVE-2025-10585	Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...	Google	Chrome	2026-06-01 10:41:06 UTC	CVE
CVE-2022-4980	General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page	General Bytes	Crypto Application Server (CAS)	2026-06-01 10:40:52 UTC	CVE
CVE-2025-5086	Deserialization of Untrusted Data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025	Dassault Systèmes	DELMIA Apriso	2026-06-01 10:40:27 UTC	CVE
CVE-2025-53690	Sitecore Products ViewState Deserialization Vulnerability	Sitecore	Experience Manager (XM), Experience Platform (XP)	2026-06-01 10:40:06 UTC	CVE
CVE-2025-48543	In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free. This could lead to...	Google	Android	2026-06-01 10:40:05 UTC	CVE

Displaying vulnerabilities 176 - 200 of 3822 in total