Known Exploited Vulnerability Feed
Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.
| CVE | Product | Vendor | Confidence | Exploitation Status | Sensors | First Seen | Added | Artifacts |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-20038 | SonicWall SMA100 | SonicWall | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-22587 | iOS and iPadOS, macOS | Apple | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2014-1776 | Internet Explorer | Microsoft | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2020-0787 | Windows, Windows Server, Windows 10 Version 1909 for 32-bit Systems, Windows 10 Version 1909 for x64-based Systems, Windows 10 Version 1909 for ARM64-based Systems, Windows Server, version 1909 (Server Core installation), Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation) | Microsoft | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Scanner
|
| CVE-2014-7169 | Bash | GNU | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2014-6271 | Bash | GNU | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2020-5722 | Grandstream UCM6200 Series | Grandstream | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2018-8453 | Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers | Microsoft | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Scanner
|
| CVE-2012-0391 | Struts | Apache | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Scanner
|
| CVE-2006-1547 | Struts | Apache Software Foundation | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2021-35247 | Serv-U | SolarWinds | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2020-11978 | Apache Airflow | Apache Software Foundation | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-25296 | Nagios XI | Nagios | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-25297 | Nagios XI | Nagios | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-25298 | Nagios XI | Nagios | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-40870 | Controller | Aviatrix | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-33766 | Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 19, Microsoft Exchange Server 2019 Cumulative Update 8 | Microsoft | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-21975 | VMware vRealize Operations | VMware | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-21315 | systeminformation | sebhildebrandt | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-22991 | BIG-IP | F5 | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2020-14864 | Business Intelligence Enterprise Edition | Oracle Corporation | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2021-32648 | october | octobercms | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2020-13671 | Drupal Core | Drupal | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
—
|
| CVE-2020-13927 | Apache Airflow | Apache | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|
| CVE-2015-7450 | WebSphere | IBM | Confirmed | Active exploitation | — | over 4 years ago | over 4 years ago |
PoC
Nuclei
Scanner
|