Vulnerabilities exploitable today
349,304in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582
Distribution · last window
- Critical1,310
- High4,271
- Medium3,627
- Low280
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2020-2506—78.3%
KEV—74QNAP Helpdesk Improper Access Control Vulnerability—CVE-2021-40450—78.2%
KEV—73Microsoft Win32k Privilege Escalation Vulnerability—CVE-2021-41357—78.2%
KEV—73Microsoft Win32k Privilege Escalation Vulnerability—CVE-2025-40602—77.9%
KEV—73SonicWall SMA1000 Missing Authorization Vulnerability—CVE-2025-59689—77.7%
KEV—73Libraesva Email Security Gateway Command Injection Vulnerability—CVE-2025-0111—77.7%
KEV—73Palo Alto Networks PAN-OS File Read Vulnerability—CVE-2019-0797—77.2%
KEV—73Microsoft Win32k Privilege Escalation Vulnerability—CVE-2021-38645—77.2%
KEV—73Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability—CVE-2018-19322—77.0%
KEVR73GIGABYTE Multiple Products Code Execution Vulnerability—CVE-2023-28229—77.0%
KEV—73Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability—CVE-2026-48027—76.7%
KEVR73Nx Console Embedded Malicious Code Vulnerability—CVE-2025-24991—76.7%
KEV—73Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability—CVE-2025-24984—76.5%
KEV—73Microsoft Windows NTFS Information Disclosure Vulnerability—CVE-2024-7694—76.1%
KEV—73TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability—CVE-2019-1129—75.8%
KEVR73Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability—CVE-2025-27920—75.8%
KEV—73Srimax Output Messenger Directory Traversal Vulnerability—CVE-2024-7262—75.7%
KEV—73Kingsoft WPS Office Path Traversal Vulnerability—CVE-2020-11261—75.7%
KEV—73Qualcomm Multiple Chipsets Improper Input Validation Vulnerability—CVE-2025-30400—75.5%
KEV—73Microsoft Windows DWM Core Library Use-After-Free Vulnerability—CVE-2022-41033—75.5%
KEV—73Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability—CVE-2025-48700—75.5%
KEV—73Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability—CVE-2025-48595—74.8%
KEV—72Android Framework Integer Overflow Vulnerability—CVE-2025-22226—74.3%
KEV—72VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability—CVE-2025-32709—74.0%
KEV—72Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability—CVE-2025-24989—74.0%
KEV—72Microsoft Power Pages Improper Access Control Vulnerability—CVE-2025-21590—74.0%
KEV—72Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability—CVE-2026-11645—73.9%
KEV—72Google Chromium V8 Out-of-Bounds Read and Write Vulnerability—CVE-2024-38107—73.6%
KEV—72Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability—CVE-2026-3909—73.5%
KEV—72Google Skia Out-of-Bounds Write Vulnerability—CVE-2025-8875—72.9%
KEV—72N-able N-Central Insecure Deserialization Vulnerability—CVE-2026-489089.8 CRI72.6%
KEV—72JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability9dCVE-2019-8720—72.2%
KEV—72WebKitGTK Memory Corruption Vulnerability—CVE-2025-21418—72.1%
KEV—72Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability—CVE-2025-21334—71.9%
KEV—72Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability—CVE-2025-22224—71.8%
KEV—72VMware ESXi and Workstation TOCTOU Race Condition Vulnerability—CVE-2026-21514—71.7%
KEV—72Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability—CVE-2013-2597—71.7%
KEV—72Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability—CVE-2026-489399.8 CRI71.5%
KEV—71iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2024-21287—71.3%
KEV—71Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability—CVE-2026-154107.2 HIG71.1%
KEV—71SonicWall SMA1000 Appliances Code Injection Vulnerability2d