Vulnerabilities exploitable today
349,195in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,298
- High4,252
- Medium3,575
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-15133—99.5%
KEV—80Laravel Deserialization of Untrusted Data Vulnerability—CVE-2014-1761—99.5%
KEV—80Microsoft Word Memory Corruption Vulnerability—CVE-2019-7238—99.5%
KEV—80Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability—CVE-2023-34192—99.5%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability—CVE-2023-27351—99.5%
KEVR80PaperCut NG/MF Improper Authentication Vulnerability—CVE-2020-13965—99.5%
KEV—80Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability—CVE-2013-3897—99.5%
KEV—80Microsoft Internet Explorer Use-After-Free Vulnerability—CVE-2022-41080—99.5%
KEVR80Microsoft Exchange Server Privilege Escalation Vulnerability—CVE-2023-27532—99.5%
KEVR80Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability—CVE-2016-3718—99.5%
KEV—80ImageMagick Server-Side Request Forgery (SSRF) Vulnerability—CVE-2012-0391—99.5%
KEV—80Apache Struts 2 Improper Input Validation Vulnerability—CVE-2023-44221—99.5%
KEV—80SonicWall SMA100 Appliances OS Command Injection Vulnerability—CVE-2017-9248—99.5%
KEV—80Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability—CVE-2016-3715—99.5%
KEV—80ImageMagick Arbitrary File Deletion Vulnerability—CVE-2018-8298—99.5%
KEV—80ChakraCore Scripting Engine Type Confusion Vulnerability—CVE-2022-44698—99.5%
KEVR80Microsoft Defender SmartScreen Security Feature Bypass Vulnerability—CVE-2021-30860—99.5%
KEV—80Apple Multiple Products Integer Overflow Vulnerability—CVE-2015-0016—99.5%
KEV—80Microsoft Windows TS WebProxy Directory Traversal Vulnerability—CVE-2025-6204—99.5%
KEV—80Dassault Systèmes DELMIA Apriso Code Injection Vulnerability—CVE-2023-5631—99.5%
KEV—80Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability—CVE-2017-11357—99.5%
KEVR80Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability—CVE-2019-1003030—99.5%
KEV—80Jenkins Matrix Project Plugin Remote Code Execution Vulnerability—CVE-2021-252988.8 HIG99.5%
KEV—80Nagios XI OS Command Injection8dCVE-2018-8414—99.4%
KEV—80Microsoft Windows Shell Remote Code Execution Vulnerability—CVE-2019-12991—99.4%
KEV—80Citrix SD-WAN and NetScaler Command Injection Vulnerability—CVE-2019-1003029—99.4%
KEV—80Jenkins Script Security Plugin Sandbox Bypass Vulnerability—CVE-2019-1458—99.4%
KEVR80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2021-42287—99.4%
KEVR80Microsoft Active Directory Domain Services Privilege Escalation Vulnerability—CVE-2013-3918—99.4%
KEV—80Microsoft Windows Out-of-Bounds Write Vulnerability—CVE-2018-14667—99.4%
KEV—80Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability—CVE-2005-2773—99.4%
KEV—80HP OpenView Network Node Manager Remote Code Execution Vulnerability—CVE-2018-15811—99.4%
KEV—80DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability—CVE-2013-2551—99.4%
KEVR80Microsoft Internet Explorer Use-After-Free Vulnerability—CVE-2018-18325—99.4%
KEV—80DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability—CVE-2014-0780—99.4%
KEV—80InduSoft Web Studio NTWebServer Directory Traversal Vulnerability—CVE-2017-8543—99.4%
KEV—80Microsoft Windows Search Remote Code Execution Vulnerability—CVE-2021-20123—99.4%
KEV—80Draytek VigorConnect Path Traversal Vulnerability —CVE-2021-42258—99.4%
KEVR80BQE BillQuick Web Suite SQL Injection Vulnerability—CVE-2019-9978—99.4%
KEV—80WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability—CVE-2019-13720—99.4%
KEV—80Google Chrome WebAudio Use-After-Free Vulnerability—