Vulnerabilities exploitable today
349,195in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,298
- High4,252
- Medium3,575
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2013-3893—99.7%
KEV—80Microsoft Internet Explorer Resource Management Errors Vulnerability—CVE-2021-30116—99.7%
KEVR80Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability—CVE-2018-6961—99.7%
KEV—80VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability—CVE-2019-4716—99.7%
KEV—80IBM Planning Analytics Remote Code Execution Vulnerability—CVE-2022-27924—99.7%
KEVR80Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability—CVE-2023-27997—99.7%
KEVR80Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability—CVE-2025-52691—99.7%
KEVR80SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability—CVE-2020-3580—99.7%
KEVR80Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability—CVE-2021-1675—99.7%
KEVR80Microsoft Windows Print Spooler Remote Code Execution Vulnerability—CVE-2015-2545—99.7%
KEV—80Microsoft Office Malformed EPS File Vulnerability—CVE-2011-2462—99.7%
KEV—80Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability—CVE-2023-24955—99.7%
KEVR80Microsoft SharePoint Server Code Injection Vulnerability—CVE-2025-9242—99.7%
KEV—80WatchGuard Firebox Out-of-Bounds Write Vulnerability—CVE-2020-12641—99.7%
KEV—80Roundcube Webmail Remote Code Execution Vulnerability—CVE-2024-28986—99.7%
KEV—80SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability—CVE-2026-1340—99.7%
KEV—80Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability—CVE-2015-3035—99.7%
KEV—80TP-Link Multiple Archer Devices Directory Traversal Vulnerability—CVE-2018-17463—99.7%
KEV—80Google Chromium V8 Remote Code Execution Vulnerability—CVE-2019-11581—99.7%
KEV—80Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability—CVE-2025-40551—99.7%
KEV—80SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability—CVE-2023-28432—99.7%
KEV—80MinIO Information Disclosure Vulnerability—CVE-2026-9082—99.7%
KEV—80Drupal Core SQL Injection Vulnerability—CVE-2020-5722—99.7%
KEV—80Grandstream Networks UCM6200 Series SQL Injection Vulnerability—CVE-2020-3161—99.7%
KEV—80Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability—CVE-2020-15415—99.7%
KEV—80DrayTek Multiple Vigor Routers OS Command Injection Vulnerability—CVE-2025-34026—99.7%
KEV—80Versa Concerto Improper Authentication Vulnerability—CVE-2017-11317—99.7%
KEV—80Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability—CVE-2016-10174—99.7%
KEV—80NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability—CVE-2023-27992—99.7%
KEV—80Zyxel Multiple NAS Devices Command Injection Vulnerability—CVE-2022-23134—99.7%
KEV—80Zabbix Frontend Improper Access Control Vulnerability—CVE-2024-58136—99.7%
KEV—80Yiiframework Yii Improper Protection of Alternate Path Vulnerability—CVE-2026-3055—99.7%
KEV—80Citrix NetScaler Out-of-Bounds Read Vulnerability—CVE-2024-21762—99.7%
KEVR80Fortinet FortiOS Out-of-Bound Write Vulnerability—CVE-2025-64328—99.7%
KEV—80Sangoma FreePBX OS Command Injection Vulnerability—CVE-2016-5195—99.7%
KEV—80Linux Kernel Race Condition Vulnerability—CVE-2025-4428—99.7%
KEV—80Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability—CVE-2020-28949—99.7%
KEV—80PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability—CVE-2024-38112—99.7%
KEV—80Microsoft Windows MSHTML Platform Spoofing Vulnerability—CVE-2012-1889—99.7%
KEV—80Microsoft XML Core Services Memory Corruption Vulnerability—CVE-2020-7796—99.7%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability—