Vulnerabilities exploitable today
349,130in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,293
- High4,219
- Medium3,544
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2020-10148—99.8%
KEV—80SolarWinds Orion Authentication Bypass Vulnerability—CVE-2025-11371—99.8%
KEV—80Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability—CVE-2021-42321—99.8%
KEVR80Microsoft Exchange Server Remote Code Execution Vulnerability—CVE-2016-3427—99.8%
KEV—80Oracle Java SE and JRockit Unspecified Vulnerability—CVE-2010-2568—99.8%
KEV—80Microsoft Windows Remote Code Execution Vulnerability—CVE-2017-5689—99.8%
KEV—80Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability—CVE-2024-116809.8 CRI99.8%
KEV—80ProjectSend Improper Authentication Vulnerability2dCVE-2026-35273—99.8%
KEVR80Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability—CVE-2020-3952—99.8%
KEV—80VMware vCenter Server Information Disclosure Vulnerability—CVE-2019-6340—99.8%
KEV—80Drupal Core Remote Code Execution Vulnerability—CVE-2023-41763—99.8%
KEV—80Microsoft Skype for Business Privilege Escalation Vulnerability—CVE-2023-40044—99.8%
KEVR80Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability—CVE-2021-21315—99.8%
KEV—80System Information Library for Node.JS Command Injection—CVE-2024-40711—99.8%
KEVR80Veeam Backup and Replication Deserialization Vulnerability—CVE-2018-11138—99.8%
KEVR80Quest KACE System Management Appliance Remote Command Execution Vulnerability—CVE-2021-32648—99.8%
KEV—80October CMS Improper Authentication—CVE-2017-12149—99.8%
KEVR80Red Hat JBoss Application Server Remote Code Execution Vulnerability—CVE-2020-8657—99.8%
KEV—80EyesOfNetwork Use of Hard-Coded Credentials Vulnerability—CVE-2019-2616—99.8%
KEV—80Oracle BI Publisher Unauthorized Access Vulnerability—CVE-2024-20439—99.8%
KEV—80Cisco Smart Licensing Utility Static Credential Vulnerability—CVE-2022-26352—99.8%
KEVR80dotCMS Unrestricted Upload of File Vulnerability—CVE-2025-12480—99.8%
KEV—80Gladinet Triofox Improper Access Control Vulnerability—CVE-2012-0754—99.8%
KEV—80Adobe Flash Player Memory Corruption Vulnerability—CVE-2012-5076—99.8%
KEV—80Oracle Java SE Sandbox Bypass Vulnerability—CVE-2022-24706—99.8%
KEV—80Apache CouchDB Insecure Default Initialization of Resource Vulnerability—CVE-2020-1350—99.8%
KEV—80Microsoft Windows DNS Server Remote Code Execution Vulnerability—CVE-2021-35211—99.8%
KEVR80SolarWinds Serv-U Remote Code Execution Vulnerability—CVE-2022-43939—99.8%
KEV—80Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability—CVE-2025-2747—99.8%
KEV—80Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability—CVE-2025-54309—99.8%
KEV—80 CrushFTP Unprotected Alternate Channel Vulnerability—CVE-2017-3066—99.8%
KEV—80Adobe ColdFusion Deserialization Vulnerability—CVE-2020-8243—99.8%
KEV—80Ivanti Pulse Connect Secure Code Execution Vulnerability—CVE-2024-7399—99.8%
KEV—80Samsung MagicINFO 9 Server Path Traversal Vulnerability—CVE-2010-0249—99.8%
KEV—80Microsoft Internet Explorer Use-After-Free Vulnerability—CVE-2016-8735—99.8%
KEV—80Apache Tomcat Remote Code Execution Vulnerability—CVE-2023-36844—99.8%
KEV—80Juniper Junos OS EX Series PHP External Variable Modification Vulnerability—CVE-2017-0146—99.8%
KEVR80Microsoft Windows SMB Remote Code Execution Vulnerability—CVE-2017-5521—99.8%
KEV—80NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability—CVE-2026-1731—99.8%
KEVR80BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability—CVE-2019-7195—99.8%
KEVR80QNAP Photo Station Path Traversal Vulnerability—