Vulnerabilities exploitable today
349,029in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,283
- High4,187
- Medium3,505
- Low268
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-7269—100.0%
KEV—80Microsoft Windows Server Buffer Overflow Vulnerability—CVE-2024-4577—100.0%
KEVR80PHP-CGI OS Command Injection Vulnerability—CVE-2014-7169—100.0%
KEV—80GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability—CVE-2019-7481—100.0%
KEVR80SonicWall SMA100 SQL Injection Vulnerability—CVE-2020-15505—100.0%
KEV—80Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability—CVE-2022-41040—100.0%
KEVR80Microsoft Exchange Server Server-Side Request Forgery Vulnerability—CVE-2022-30525—100.0%
KEV—80Zyxel Multiple Firewalls OS Command Injection Vulnerability—CVE-2021-42013—100.0%
KEVR80Apache HTTP Server Path Traversal Vulnerability—CVE-2012-0158—100.0%
KEV—80Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability—CVE-2015-3113—100.0%
KEV—80Adobe Flash Player Heap-Based Buffer Overflow Vulnerability—CVE-2021-34523—100.0%
KEVR80Microsoft Exchange Server Privilege Escalation Vulnerability—CVE-2022-46169—100.0%
KEV—80Cacti Command Injection Vulnerability—CVE-2016-6277—100.0%
KEV—80NETGEAR Multiple Routers Remote Code Execution Vulnerability—CVE-2017-0199—100.0%
KEVR80Microsoft Office and WordPad Remote Code Execution Vulnerability—CVE-2023-42793—100.0%
KEVR80JetBrains TeamCity Authentication Bypass Vulnerability—CVE-2020-25506—100.0%
KEV—80D-Link DNS-320 Device Command Injection Vulnerability—CVE-2025-53770—100.0%
KEVR80Microsoft SharePoint Deserialization of Untrusted Data Vulnerability—CVE-2021-1497—100.0%
KEV—80Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability—CVE-2022-35405—100.0%
KEV—80Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability—CVE-2017-11882—100.0%
KEVR80Microsoft Office Memory Corruption Vulnerability—CVE-2024-29824—100.0%
KEV—80Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability—CVE-2022-22963—100.0%
KEV—80VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability—CVE-2025-31161—100.0%
KEVR80CrushFTP Authentication Bypass Vulnerability—CVE-2021-33044—100.0%
KEV—80Dahua IP Camera Authentication Bypass Vulnerability—CVE-2024-1709—100.0%
KEVR80ConnectWise ScreenConnect Authentication Bypass Vulnerability—CVE-2025-61882—100.0%
KEVR80Oracle E-Business Suite Unspecified Vulnerability—CVE-2017-0147—100.0%
KEVR80Microsoft Windows SMBv1 Information Disclosure Vulnerability—CVE-2024-45195—100.0%
KEV—80Apache OFBiz Forced Browsing Vulnerability—CVE-2023-23752—100.0%
KEV—80Joomla! Improper Access Control Vulnerability—CVE-2022-40684—100.0%
KEVR80Fortinet Multiple Products Authentication Bypass Vulnerability—CVE-2019-1653—100.0%
KEV—80Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability—CVE-2022-1040—100.0%
KEV—80Sophos Firewall Authentication Bypass Vulnerability—CVE-2025-5777—100.0%
KEVR80Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability—CVE-2017-1000353—100.0%
KEV—80Jenkins Remote Code Execution Vulnerability—CVE-2023-21839—100.0%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—CVE-2021-45046—100.0%
KEVR80Apache Log4j2 Deserialization of Untrusted Data Vulnerability—CVE-2021-22986—100.0%
KEVR80F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability—CVE-2022-1388—100.0%
KEVR80F5 BIG-IP Missing Authentication Vulnerability—CVE-2023-34362—100.0%
KEVR80Progress MOVEit Transfer SQL Injection Vulnerability—CVE-2021-20038—100.0%
KEVR80SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability—