Vulnerabilities exploitable today
349,216in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,299
- High4,252
- Medium3,580
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2023-32439—97.6%
KEV—79Apple Multiple Products WebKit Type Confusion Vulnerability—CVE-2018-19953—97.6%
KEVR79QNAP NAS File Station Cross-Site Scripting Vulnerability—CVE-2020-4006—97.6%
KEV—79Multiple VMware Products Command Injection Vulnerability—CVE-2018-6882—97.6%
KEVR79Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability—CVE-2016-4656—97.6%
KEV—79Apple iOS Memory Corruption Vulnerability—CVE-2021-27878—97.6%
KEVR79Veritas Backup Exec Agent Command Execution Vulnerability—CVE-2022-0609—97.5%
KEV—79Google Chromium Animation Use-After-Free Vulnerability—CVE-2025-23006—97.5%
KEVR79SonicWall SMA1000 Appliances Deserialization Vulnerability—CVE-2024-9680—97.5%
KEVR79Mozilla Firefox Use-After-Free Vulnerability—CVE-2023-32435—97.5%
KEV—79Apple Multiple Products WebKit Memory Corruption Vulnerability—CVE-2025-14174—97.5%
KEV—79Google Chromium Out of Bounds Memory Access Vulnerability—CVE-2016-6367—97.5%
KEV—79Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability—CVE-2024-44309—97.5%
KEV—79Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability—CVE-2026-32201—97.5%
KEV—79Microsoft SharePoint Server Improper Input Validation Vulnerability—CVE-2015-5317—97.4%
KEV—79Jenkins User Interface (UI) Information Disclosure Vulnerability—CVE-2024-37079—97.4%
KEV—79Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability—CVE-2018-8639—97.4%
KEVR79Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability—CVE-2014-0546—97.4%
KEV—79Adobe Reader and Acrobat Sandbox Bypass Vulnerability—CVE-2021-22899—97.4%
KEV—79Ivanti Pulse Connect Secure Command Injection Vulnerability—CVE-2024-40890—97.4%
KEV—79Zyxel DSL CPE OS Command Injection Vulnerability—CVE-2014-0196—97.4%
KEV—79Linux Kernel Race Condition Vulnerability—CVE-2016-1019—97.4%
KEVR79Adobe Flash Player Arbitrary Code Execution Vulnerability—CVE-2021-3560—97.4%
KEV—79Red Hat Polkit Incorrect Authorization Vulnerability—CVE-2020-27930—97.4%
KEV—79Apple Multiple Products Memory Corruption Vulnerability—CVE-2026-2441—97.4%
KEV—79Google Chromium CSS Use-After-Free Vulnerability—CVE-2024-40891—97.4%
KEV—79Zyxel DSL CPE OS Command Injection Vulnerability—CVE-2023-29360—97.4%
KEV—79Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability—CVE-2016-0162—97.4%
KEV—79Microsoft Internet Explorer Information Disclosure Vulnerability—CVE-2025-31200—97.4%
KEV—79Apple Multiple Products Memory Corruption Vulnerability—CVE-2019-0903—97.4%
KEV—79Microsoft GDI Remote Code Execution Vulnerability—CVE-2019-1297—97.4%
KEV—79Microsoft Excel Remote Code Execution Vulnerability—CVE-2023-20269—97.3%
KEVR79Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability—CVE-2020-9377—97.3%
KEV—79D-Link DIR-610 Devices Remote Command Execution—CVE-2017-6742—97.3%
KEV—79Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability—CVE-2012-1854—97.3%
KEV—79Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability—CVE-2012-5054—97.3%
KEV—79Adobe Flash Player Integer Overflow Vulnerability—CVE-2025-30397—97.3%
KEV—79Microsoft Windows Scripting Engine Type Confusion Vulnerability—CVE-2025-54948—97.3%
KEV—79Trend Micro Apex One OS Command Injection Vulnerability—CVE-2023-36563—97.3%
KEV—79Microsoft WordPad Information Disclosure Vulnerability—CVE-2020-24363—97.2%
KEV—79TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability—