Known Exploited Vulnerability Feed

Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.

RSS Free KEV JSON Feed Email alerts

2,578

Total KEVs

Known exploited vulnerabilities tracked in KEVIntel

956

Beyond CISA KEV

Additional exploited CVEs tracked beyond CISA KEV

KEVs Observed in Sensors (7d)

Tracked KEVs with live exploitation attempts in honeypots

1,676+

Artifacts Available

PoC, Nuclei, and scanner context

All KEVs Not in CISA KEV Observed in Sensors High Confidence Artifacts Available

CVE	Product	Vendor	Confidence	Exploitation Status	Sensors	First Seen	Added	Artifacts
CVE-2025-10353	Melis Platform	Melis Technology	High	Active	—	about 2 months ago	about 2 months ago	PoC Nuclei
CVE-2026-3844	Breeze Cache	cloudways	High	Active	—	about 2 months ago	about 2 months ago	PoC Nuclei
CVE-2021-4374	WordPress Automatic Plugin	ValvePress	High	Active	—	about 2 months ago	about 2 months ago	PoC Nuclei
CVE-2026-33626	lmdeploy	InternLM	High	Active	—	about 2 months ago	about 2 months ago	PoC Nuclei
CVE-2019-8451	Jira	Atlassian	High	Exploited	—	about 2 months ago	about 2 months ago	PoC Nuclei
CVE-2026-25187	Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)	Microsoft	High	Active	—	2 months ago	2 months ago	—
CVE-2026-3564	ScreenConnect	ConnectWise	High	Active	—	2 months ago	2 months ago	—
CVE-2026-26127	.NET 10.0, .NET 9.0, Microsoft.Bcl.Memory	Microsoft	High	Active	—	2 months ago	2 months ago	—
CVE-2026-21262	Microsoft SQL Server 2016 Service Pack 3 (GDR), Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack, Microsoft SQL Server 2017 (CU 31), Microsoft SQL Server 2017 (GDR), Microsoft SQL Server 2019 (CU 32), Microsoft SQL Server 2019 (GDR), Microsoft SQL Server 2022 (GDR), Microsoft SQL Server 2022 for x64-based Systems (CU 23), Microsoft SQL Server 2025 (CU 2), Microsoft SQL Server 2025 for x64-based Systems (GDR)	Microsoft	High	Active	—	2 months ago	2 months ago	—
CVE-2018-6605	Zh BaiduMap	Joomla	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2025-66954	Link Station	Buffalo	High	Active	—	2 months ago	2 months ago	—
CVE-2024-32114	Apache ActiveMQ	Apache Software Foundation	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2025-0520	ShowDoc	ShowDoc	High	Active	—	2 months ago	2 months ago	—
CVE-2026-33032	nginx-ui	0xJacky	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2018-7490	uWSGI	uWSGI	High	Exploited	—	2 months ago	2 months ago	PoC Nuclei
CVE-2023-22809	Sudo	Sudo	High	Exploited	—	2 months ago	2 months ago	PoC
CVE-2024-4367	Firefox, Firefox ESR, Thunderbird	Mozilla	High	Exploited	—	2 months ago	2 months ago	PoC
CVE-2018-15473	OpenSSH	OpenSSH	High	Exploited	—	2 months ago	2 months ago	PoC
CVE-2022-0778	OpenSSL	OpenSSL	High	Exploited	—	2 months ago	2 months ago	PoC
CVE-2025-61624	FortiOS, FortiProxy, FortiSwitchManager, FortiPAM	Fortinet	High	Active	—	2 months ago	2 months ago	—
CVE-2021-3223	Node-RED-Dashboard	Node-RED	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2020-20300	WeiPHP 5.0	WeiPHP	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2025-59528	Flowise	FlowiseAI	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2026-21891	ZimaOS	IceWhaleTech	High	Active	—	2 months ago	2 months ago	PoC Nuclei
CVE-2026-3965	qinglong	whyour	High	Active	—	2 months ago	2 months ago	—

Displaying vulnerabilities 376 - 400 of 2578 in total