Known Exploited Vulnerabilities

Focus on What Matters

There are 302,926 vulnerabilities in the CVE database.
Whilst only 0.7% are ever actively exploited.

This list contains the vulnerabilities that are actively exploited by malware and threat actors that you should prioritize first.

This table displays known exploited vulnerabilities (KEVs) that have been cataloged from over 60 public sources, including CISA, and our own private sensors. Each entry links to a CVE identifier, where the CVE details are enriched with EPSS scores, online mentions, scanner inclusion, exploitation, tags, and other metadata. The goal is to be an early warning system, even before being published by CISA. More data and features coming soon!

CVE ID	Title	Vendor	Product	Added	Source
CVE-2007-4428	Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip...	n/a	Lhaz	2007-08-20 19:00:00 UTC	CVE
CVE-2007-4429	Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang) via unknown vectors related to sending long...	Skype	Skype	2007-08-20 19:00:00 UTC	CVE
CVE-2007-4246	Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code...	Justsystem	Ichitaro	2007-08-08 23:00:00 UTC	CVE
CVE-2006-4326	Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and...	Justsystem	Ichitaro	2006-08-24 01:00:00 UTC	CVE

Displaying vulnerabilities 1976 - 1979 of 1979 in total