Vulnerabilities exploitable today
4,276in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,293
- High4,219
- Medium3,544
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-34527—100.0%
KEVR80Microsoft Windows Print Spooler Remote Code Execution Vulnerability—CVE-2022-47966—100.0%
KEVR80Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability—CVE-2019-18935—100.0%
KEVR80Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability—CVE-2020-15505—100.0%
KEV—80Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability—CVE-2023-4863—100.0%
KEV—80Google Chromium WebP Heap-Based Buffer Overflow Vulnerability—CVE-2012-1446—100.0%
——30——CVE-2023-38205—100.0%
KEV—80Adobe ColdFusion Improper Access Control Vulnerability—CVE-2021-22205—100.0%
KEVR80GitLab Community and Enterprise Editions Remote Code Execution Vulnerability—CVE-2019-16759—100.0%
KEV—80vBulletin PHP Module Remote Code Execution Vulnerability—CVE-2021-38647—100.0%
KEVR80Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability—CVE-2025-61882—100.0%
KEVR80Oracle E-Business Suite Unspecified Vulnerability—CVE-2010-2861—100.0%
KEVR80Adobe ColdFusion Directory Traversal Vulnerability—CVE-2016-10033—100.0%
KEV—80PHPMailer Command Injection Vulnerability—CVE-2008-2938—100.0%
——30——CVE-2024-0012—100.0%
KEVR80Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability—CVE-2017-0147—100.0%
KEVR80Microsoft Windows SMBv1 Information Disclosure Vulnerability—CVE-2020-10220—100.0%
——30——CVE-2017-1000353—100.0%
KEV—80Jenkins Remote Code Execution Vulnerability—CVE-2022-22965—99.9%
KEV—80Spring Framework JDK 9+ Remote Code Execution Vulnerability—CVE-2020-13927—99.9%
KEV—80Apache Airflow's Experimental API Authentication Bypass—CVE-2022-0543—99.9%
KEV—80Debian-specific Redis Server Lua Sandbox Escape Vulnerability—CVE-2021-31166—99.9%
KEV—80Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability—CVE-2023-46604—99.9%
KEVR80Apache ActiveMQ Deserialization of Untrusted Data Vulnerability—CVE-2019-0232—99.9%
——30——CVE-2023-29357—99.9%
KEVR80Microsoft SharePoint Server Privilege Escalation Vulnerability—CVE-2023-27372—99.9%
——30——CVE-2012-1443—99.9%
——30——CVE-2022-35914—99.9%
KEV—80Teclib GLPI Remote Code Execution Vulnerability—CVE-2024-5217—99.9%
KEV—80ServiceNow Incomplete List of Disallowed Inputs Vulnerability—CVE-2014-6278—99.9%
KEV—80GNU Bash OS Command Injection Vulnerability—CVE-2022-1471—99.9%
——30——CVE-2024-28995—99.9%
KEV—80SolarWinds Serv-U Path Traversal Vulnerability —CVE-2014-0094—99.9%
——30——CVE-2025-10035—99.9%
KEVR80Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability—CVE-2024-9465—99.9%
KEV—80Palo Alto Networks Expedition SQL Injection Vulnerability—CVE-2017-12615—99.9%
KEVR80Apache Tomcat on Windows Remote Code Execution Vulnerability—CVE-2022-37061—99.9%
——30——CVE-2020-14181—99.9%
——30——CVE-2020-16040—99.9%
——30——CVE-2025-48703—99.9%
KEV—80CWP Control Web Panel OS Command Injection Vulnerability—