Vulnerabilities exploitable today
4,276in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,293
- High4,219
- Medium3,544
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-7602—99.9%
KEVR80Drupal Core Remote Code Execution Vulnerability—CVE-2017-0144—99.9%
KEVR80Microsoft SMBv1 Remote Code Execution Vulnerability—CVE-2020-0646—99.9%
KEV—80Microsoft .NET Framework Remote Code Execution Vulnerability—CVE-2024-27348—99.9%
KEV—80Apache HugeGraph-Server Improper Access Control Vulnerability—CVE-2020-36289—99.9%
——30——CVE-2022-24086—99.9%
KEV—80Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability—CVE-2023-349609.8 CRI99.9%
——30A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.8dCVE-2023-22515—99.9%
KEVR80Atlassian Confluence Data Center and Server Broken Access Control Vulnerability—CVE-2022-24637—99.9%
——30——CVE-2020-11978—99.9%
KEV—80Apache Airflow Command Injection—CVE-2021-44529—99.9%
KEVR80Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability —CVE-2025-1974—99.9%
——30——CVE-2022-36804—99.9%
KEV—80Atlassian Bitbucket Server and Data Center Command Injection Vulnerability—CVE-2015-1538—99.9%
——30——CVE-2020-10199—99.9%
KEV—80Sonatype Nexus Repository Remote Code Execution Vulnerability—CVE-2019-16278—99.9%
KEV—80Nostromo nhttpd Directory Traversal Vulnerability—CVE-2026-10520—99.9%
KEV—80Ivanti Sentry OS Command Injection Vulnerability—CVE-2020-0618—99.9%
KEV—80Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability—CVE-2020-11022—99.9%
——30——CVE-2021-21978—99.9%
——30——CVE-2023-36884—99.9%
KEVR80Microsoft Windows Search Remote Code Execution Vulnerability—CVE-2017-3881—99.9%
KEV—80Cisco IOS and IOS XE Remote Code Execution Vulnerability—CVE-2022-30333—99.9%
KEVR80RARLAB UnRAR Directory Traversal Vulnerability—CVE-2021-40539—99.9%
KEVR80Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability—CVE-2012-1442—99.9%
——30——CVE-2019-3929—99.9%
KEV—80Crestron Multiple Products Command Injection Vulnerability—CVE-2020-7247—99.9%
KEV—80OpenSMTPD Remote Code Execution Vulnerability—CVE-2011-3192—99.9%
——30——CVE-2017-9791—99.9%
KEV—80Apache Struts 1 Improper Input Validation Vulnerability—CVE-2020-9496—99.9%
——30——CVE-2023-32560—99.9%
——30——CVE-2022-3236—99.9%
KEV—80Sophos Firewall Code Injection Vulnerability—CVE-2026-24061—99.9%
KEV—80GNU InetUtils Argument Injection Vulnerability—CVE-2023-47246—99.9%
KEVR80SysAid Server Path Traversal Vulnerability—CVE-2018-19276—99.9%
——30——CVE-2023-28341—99.9%
——30——CVE-2020-7209—99.9%
——30——CVE-2008-4250—99.9%
KEV—80Microsoft Windows Buffer Overflow Vulnerability—CVE-2019-11477—99.9%
——30——CVE-2022-24816—99.9%
KEV—80OSGeo GeoServer JAI-EXT Code Injection Vulnerability—