Vulnerabilities exploitable today
4,276in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,299
- High4,252
- Medium3,580
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2007-3925—99.7%
——30——CVE-2022-23134—99.7%
KEV—80Zabbix Frontend Improper Access Control Vulnerability—CVE-2005-2278—99.7%
——30——CVE-2026-9082—99.7%
KEV—80Drupal Core SQL Injection Vulnerability—CVE-2023-49085—99.7%
——30——CVE-2024-28986—99.7%
KEV—80SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability—CVE-2019-11581—99.7%
KEV—80Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability—CVE-2025-64328—99.7%
KEV—80Sangoma FreePBX OS Command Injection Vulnerability—CVE-2017-2741—99.7%
——30——CVE-2021-41174—99.7%
——30——CVE-2020-8656—99.7%
——30——CVE-2020-7796—99.7%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability—CVE-2013-6955—99.7%
——30——CVE-2018-17463—99.7%
KEV—80Google Chromium V8 Remote Code Execution Vulnerability—CVE-2017-17105—99.7%
——30——CVE-2020-28949—99.7%
KEV—80PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability—CVE-2013-3214—99.7%
——30——CVE-2003-0201—99.7%
——30——CVE-2021-38294—99.7%
——30——CVE-2023-3388—99.7%
——30——CVE-2020-12641—99.7%
KEV—80Roundcube Webmail Remote Code Execution Vulnerability—CVE-2022-36974—99.7%
——30——CVE-2024-42009—99.7%
KEV—80RoundCube Webmail Cross-Site Scripting Vulnerability—CVE-2023-0921—99.7%
——30——CVE-2018-1000006—99.7%
——30——CVE-2013-2566—99.7%
——30——CVE-2015-1830—99.7%
——30——CVE-2023-29325—99.7%
——30——CVE-2013-7285—99.7%
——30——CVE-2023-40492—99.7%
——30——CVE-2023-40494—99.7%
——30——CVE-2023-40502—99.7%
——30——CVE-2024-38112—99.7%
KEV—80Microsoft Windows MSHTML Platform Spoofing Vulnerability—CVE-2017-14495—99.7%
——30——CVE-2014-0556—99.7%
——30——CVE-2011-0997—99.7%
——30——CVE-2010-3563—99.7%
——30——CVE-2020-36221—99.7%
——30——CVE-2019-12314—99.7%
——30——CVE-2020-15415—99.7%
KEV—80DrayTek Multiple Vigor Routers OS Command Injection Vulnerability—