CISA Known Exploited Vulnerabilities (KEV)

Live mirror of the federal catalog of vulnerabilities actively exploited in the wild. When a federal RFP names tech with an open KEV entry, the procurement is implicitly urgent — agencies are racing against active exploitation.

Total KEV entries: 1,611
Known ransomware: 325
Added last 30 days: 24
Affected vendors: 265

Most recently added

Latest: 2026-06-03

CVE	Vendor / Product	Vulnerability	Added	RW
CVE-2026-45247	Mirasvit Mirasvit Full Page Cache Warmer	Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability	2026-06-03	—
CVE-2025-48595	Android Framework	Android Framework Integer Overflow Vulnerability	2026-06-02	—
CVE-2022-0492	Linux Kernel	Linux Kernel Improper Authentication Vulnerability	2026-06-02	—
CVE-2024-21182	Oracle WebLogic Server	Oracle WebLogic Server Unspecified Vulnerability	2026-06-01	—
CVE-2026-0257	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS Authentication Bypass Vulnerability	2026-05-29	—
CVE-2026-8398	Daemon Daemon Tools Lite	Daemon Tools Lite Embedded Malicious Code Vulnerability	2026-05-27	—
CVE-2026-48027	Nx Nx Console	Nx Console Embedded Malicious Code Vulnerability	2026-05-27	YES
CVE-2026-45321	TanStack TanStack	TanStack Unspecified Vulnerability	2026-05-27	YES
CVE-2026-48172	LiteSpeed cPanel Plugin	LiteSpeed cPanel Plugin Privilege Escalation Vulnerability	2026-05-26	—
CVE-2026-9082	Drupal Core	Drupal Core SQL Injection Vulnerability	2026-05-22	—
CVE-2026-34926	Trend Micro Apex One	Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability	2026-05-21	—
CVE-2025-34291	Langflow Langflow	Langflow Origin Validation Error Vulnerability	2026-05-21	—
CVE-2026-45498	Microsoft Defender	Microsoft Defender Denial of Service Vulnerability	2026-05-20	—
CVE-2026-41091	Microsoft Defender	Microsoft Defender Link Following Vulnerability	2026-05-20	—
CVE-2010-0806	Microsoft Internet Explorer	Microsoft Internet Explorer Use-After-Free Vulnerability	2026-05-20	—
CVE-2010-0249	Microsoft Internet Explorer	Microsoft Internet Explorer Use-After-Free Vulnerability	2026-05-20	—
CVE-2009-3459	Adobe Acrobat and Reader	Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability	2026-05-20	—
CVE-2009-1537	Microsoft DirectX	Microsoft DirectX NULL Byte Overwrite Vulnerability	2026-05-20	—
CVE-2008-4250	Microsoft Windows	Microsoft Windows Buffer Overflow Vulnerability	2026-05-20	—
CVE-2026-42897	Microsoft Microsoft	Microsoft Exchange Server Cross-Site Scripting Vulnerability	2026-05-15	—
CVE-2026-20182	Cisco Catalyst SD-WAN	Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability	2026-05-14	—
CVE-2026-42208	BerriAI LiteLLM	BerriAI LiteLLM SQL Injection Vulnerability	2026-05-08	—
CVE-2026-6973	Ivanti Endpoint Manager Mobile (EPMM)	Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability	2026-05-07	—
CVE-2026-0300	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability	2026-05-06	—
CVE-2026-31431	Linux Kernel	Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability	2026-05-01	—
CVE-2026-41940	WebPros cPanel & WHM and WP2 (WordPress Squared)	WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability	2026-04-30	YES
CVE-2026-32202	Microsoft Windows	Microsoft Windows Protection Mechanism Failure Vulnerability	2026-04-28	—
CVE-2024-1708	ConnectWise ScreenConnect	ConnectWise ScreenConnect Path Traversal Vulnerability	2026-04-28	YES
CVE-2025-29635	D-Link DIR-823X	D-Link DIR-823X Command Injection Vulnerability	2026-04-24	—
CVE-2024-7399	Samsung MagicINFO 9 Server	Samsung MagicINFO 9 Server Path Traversal Vulnerability	2026-04-24	—
CVE-2024-57728	SimpleHelp SimpleHelp	SimpleHelp Path Traversal Vulnerability	2026-04-24	YES
CVE-2024-57726	SimpleHelp SimpleHelp	SimpleHelp Missing Authorization Vulnerability	2026-04-24	YES
CVE-2026-39987	Marimo Marimo	Marimo Remote Code Execution Vulnerability	2026-04-23	—
CVE-2026-33825	Microsoft Defender	Microsoft Defender Insufficient Granularity of Access Control Vulnerability	2026-04-22	—
CVE-2026-20133	Cisco Catalyst SD-WAN Manager	Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability	2026-04-20	—
CVE-2026-20128	Cisco Catalyst SD-WAN Manager	Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability	2026-04-20	—
CVE-2026-20122	Cisco Catalyst SD-WAN Manger	Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability	2026-04-20	—
CVE-2025-48700	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability	2026-04-20	—
CVE-2025-32975	Quest KACE Systems Management Appliance (SMA)	Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability	2026-04-20	—
CVE-2025-2749	Kentico Kentico Xperience	Kentico Xperience Path Traversal Vulnerability	2026-04-20	—
CVE-2024-27199	JetBrains TeamCity	JetBrains TeamCity Relative Path Traversal Vulnerability	2026-04-20	YES
CVE-2023-27351	PaperCut NG/MF	PaperCut NG/MF Improper Authentication Vulnerability	2026-04-20	YES
CVE-2026-34197	Apache ActiveMQ	Apache ActiveMQ Improper Input Validation Vulnerability	2026-04-16	—
CVE-2026-32201	Microsoft SharePoint Server	Microsoft SharePoint Server Improper Input Validation Vulnerability	2026-04-14	—
CVE-2009-0238	Microsoft Office	Microsoft Office Remote Code Execution	2026-04-14	—
CVE-2026-34621	Adobe Acrobat and Reader	Adobe Acrobat and Reader Prototype Pollution Vulnerability	2026-04-13	—
CVE-2026-21643	Fortinet FortiClient EMS	Fortinet FortiClient EMS SQL Injection Vulnerability	2026-04-13	—
CVE-2025-60710	Microsoft Windows	Microsoft Windows Link Following Vulnerability	2026-04-13	—
CVE-2023-36424	Microsoft Windows	Microsoft Windows Out-of-Bounds Read Vulnerability	2026-04-13	—
CVE-2023-21529	Microsoft Exchange Server	Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability	2026-04-13	YES

Source: CISA Known Exploited Vulnerabilities Catalog via cisagov/kev-data. Refreshed daily. Catalog version as of 2026-06-03.