Known Exploited Vulnerability Feed
Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.
2,578
Total KEVs
Known exploited vulnerabilities tracked in KEVIntel
955
Beyond CISA KEV
Additional exploited CVEs tracked beyond CISA KEV
16
KEVs Observed in Sensors (7d)
Tracked KEVs with live exploitation attempts in honeypots
1,676+
Artifacts Available
PoC, Nuclei, and scanner context
| CVE | Product | Vendor | Confidence | Exploitation Status | Sensors | First Seen | Added | Artifacts |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-20149 | RouterOS | Mikrotik | High | Active | — | over 3 years ago | over 3 years ago |
—
|
| CVE-2022-40684 | Fortinet FortiOS, FortiProxy, FortiSwitchManager | Fortinet | Confirmed | Active | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
|
| CVE-2022-41033 | Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) | Microsoft | Confirmed | Active | — | over 3 years ago | over 3 years ago |
Nessus
|
| CVE-2022-41040 | Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23 | Microsoft | Confirmed | Active | — | over 3 years ago | over 3 years ago |
PoC
|
| CVE-2022-36804 | Bitbucket Server, Bitbucket Data Center | Atlassian | Confirmed | Active | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
|
| CVE-2022-41082 | Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23 | Microsoft | Confirmed | Active | — | over 3 years ago | over 3 years ago |
PoC
|
| CVE-2022-3236 | Sophos Firewall | Sophos | Confirmed | Active | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Nessus
|
| CVE-2022-35405 | ManageEngine Password Manager Pro, PAM360, Access Manager Plus | Zoho | Confirmed | Active | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
|
| CVE-2022-40769 | profanity | johguse | High | Active | — | over 3 years ago | over 3 years ago |
—
|
| CVE-2010-2568 | Windows | Microsoft | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
|
| CVE-2013-6282 | Linux Kernel | Linux | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
|
| CVE-2022-40139 | Trend Micro Apex One | Trend Micro | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
Nessus
|
| CVE-2013-2094 | Linux Kernel | Linux | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
Nessus
|
| CVE-2013-2596 | Linux Kernel | Linux | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
Nessus
|
| CVE-2013-2597 | Linux Kernel | Qualcomm | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
—
|
| CVE-2022-32917 | iOS, macOS | Apple | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
Nessus
|
| CVE-2022-37969 | Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 7, Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) | Microsoft | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
Nessus
|
| CVE-2022-40734 | laravel-filemanager | UniSharp | High | Active | — | almost 4 years ago | almost 4 years ago |
PoC
Nuclei
|
| CVE-2022-3180 | WPGateway | Jack Hopman | High | Active | — | almost 4 years ago | almost 4 years ago |
—
|
| CVE-2018-2628 | WebLogic Server | Oracle Corporation | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
Nuclei
|
| CVE-2022-3075 | Chrome | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
Nessus
|
|
| CVE-2022-27593 | Photo Station | QNAP Systems Inc. | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
Nuclei
|
| CVE-2022-26258 | DIR-820L | D-Link | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
Nessus
|
| CVE-2020-9934 | iOS, macOS | Apple | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
PoC
Nessus
|
| CVE-2018-7445 | RouterOS | MikroTik | Confirmed | Active | — | almost 4 years ago | almost 4 years ago |
Nessus
|