Vulnerabilities exploitable today
349,130in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,293
- High4,219
- Medium3,544
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2020-7247—99.9%
KEV—80OpenSMTPD Remote Code Execution Vulnerability—CVE-2026-24061—99.9%
KEV—80GNU InetUtils Argument Injection Vulnerability—CVE-2021-31166—99.9%
KEV—80Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability—CVE-2021-3156—99.9%
KEV—80Sudo Heap-Based Buffer Overflow Vulnerability—CVE-2024-27348—99.9%
KEV—80Apache HugeGraph-Server Improper Access Control Vulnerability—CVE-2008-4250—99.9%
KEV—80Microsoft Windows Buffer Overflow Vulnerability—CVE-2017-0148—99.9%
KEVR80Microsoft SMBv1 Server Remote Code Execution Vulnerability—CVE-2024-4885—99.9%
KEV—80Progress WhatsUp Gold Path Traversal Vulnerability—CVE-2024-32113—99.9%
KEV—80Apache OFBiz Path Traversal Vulnerability—CVE-2020-10199—99.9%
KEV—80Sonatype Nexus Repository Remote Code Execution Vulnerability—CVE-2023-22515—99.9%
KEVR80Atlassian Confluence Data Center and Server Broken Access Control Vulnerability—CVE-2020-0618—99.9%
KEV—80Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability—CVE-2022-27925—99.9%
KEVR80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-36804—99.9%
KEV—80Atlassian Bitbucket Server and Data Center Command Injection Vulnerability—CVE-2025-48703—99.9%
KEV—80CWP Control Web Panel OS Command Injection Vulnerability—CVE-2012-3152—99.9%
KEV—80Oracle Fusion Middleware Unspecified Vulnerability—CVE-2017-0144—99.9%
KEVR80Microsoft SMBv1 Remote Code Execution Vulnerability—CVE-2014-6278—99.9%
KEV—80GNU Bash OS Command Injection Vulnerability—CVE-2017-9791—99.9%
KEV—80Apache Struts 1 Improper Input Validation Vulnerability—CVE-2020-13927—99.9%
KEV—80Apache Airflow's Experimental API Authentication Bypass—CVE-2019-11043—99.9%
KEVR80PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability—CVE-2021-32030—99.9%
KEV—80ASUS Routers Improper Authentication Vulnerability—CVE-2020-1938—99.9%
KEV—80Apache Tomcat Improper Privilege Management Vulnerability—CVE-2022-30190—99.9%
KEVR80Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability—CVE-2017-3881—99.9%
KEV—80Cisco IOS and IOS XE Remote Code Execution Vulnerability—CVE-2021-33045—99.9%
KEV—80Dahua IP Camera Authentication Bypass Vulnerability—CVE-2017-12615—99.9%
KEVR80Apache Tomcat on Windows Remote Code Execution Vulnerability—CVE-2022-0543—99.9%
KEV—80Debian-specific Redis Server Lua Sandbox Escape Vulnerability—CVE-2019-3929—99.9%
KEV—80Crestron Multiple Products Command Injection Vulnerability—CVE-2018-2628—99.9%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—CVE-2023-34048—99.9%
KEV—80VMware vCenter Server Out-of-Bounds Write Vulnerability—CVE-2019-16278—99.9%
KEV—80Nostromo nhttpd Directory Traversal Vulnerability—CVE-2020-16846—99.9%
KEV—80SaltStack Salt Shell Injection Vulnerability—CVE-2023-28771—99.9%
KEV—80Zyxel Multiple Firewalls OS Command Injection Vulnerability—CVE-2021-40539—99.9%
KEVR80Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability—CVE-2022-22965—99.9%
KEV—80Spring Framework JDK 9+ Remote Code Execution Vulnerability—CVE-2017-7494—99.9%
KEVR80Samba Remote Code Execution Vulnerability—CVE-2020-0646—99.9%
KEV—80Microsoft .NET Framework Remote Code Execution Vulnerability—CVE-2025-31324—99.9%
KEVR80SAP NetWeaver Unrestricted File Upload Vulnerability—CVE-2024-4040—99.9%
KEV—80CrushFTP VFS Sandbox Escape Vulnerability—