Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 1–30 of 171 CVEs (page 1 of 6, 30 per page).
| Added | CVE | Ransomware | Vendor / Product | Category | Name | Description | CVSS | EPSS |
|---|---|---|---|---|---|---|---|---|
| Jun 12, 2026 | CVE-2026-35273 | Yes | Oracle PeopleSoft Enterprise PeopleTools | database, enterprise | Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability | Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of … | 9.8 | 0.0% |
| Jun 5, 2026 | CVE-2026-28318 | | SolarWinds Serv-U | enterprise | SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability | SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the S… | 7.5 | 6.3% |
| Jun 1, 2026 | CVE-2024-21182 | | Oracle WebLogic Server | database, enterprise | Oracle WebLogic Server Unspecified Vulnerability | Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successfu… | | 89.7% |
| Apr 28, 2026 | CVE-2024-1708 | Yes | ConnectWise ScreenConnect | enterprise, smb, essential | ConnectWise ScreenConnect Path Traversal Vulnerability | ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems. | | 84.8% |
| Mar 30, 2026 | CVE-2026-3055 | | Citrix NetScaler | enterprise, vpn, remote | Citrix NetScaler Out-of-Bounds Read Vulnerability | Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds read vulnerability when configur… | | 89.9% |
| Mar 9, 2026 | CVE-2025-26399 | | SolarWinds Web Help Desk | enterprise | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability | SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine. | | 30.5% |
| Mar 3, 2026 | CVE-2026-22719 | | Broadcom VMware Aria Operations | enterprise | Broadcom VMware Aria Operations Command Injection Vulnerability | Broadcom VMware Aria Operations, formerly known as vRealize Operations (vROps), contains a command injection vulnerability that allows an unauthenticated attacker to execute arbitra… | | 1.9% |
| Feb 18, 2026 | CVE-2021-22175 | | GitLab GitLab | enterprise, smb, essential | GitLab Server-Side Request Forgery (SSRF) Vulnerability | GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks are enabled. | | 80.0% |
| Feb 12, 2026 | CVE-2025-40536 | | SolarWinds Web Help Desk | enterprise | SolarWinds Web Help Desk Security Control Bypass Vulnerability | SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality. | | 70.4% |
| Feb 3, 2026 | CVE-2021-39935 | | GitLab Community and Enterprise Editions | enterprise, smb, essential | GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability | GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthorized external users to perform Server Side Requests via the … | | 64.5% |
| Feb 3, 2026 | CVE-2025-40551 | | SolarWinds Web Help Desk | enterprise | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability | SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the … | | 87.1% |
| Jan 23, 2026 | CVE-2024-37079 | | Broadcom VMware vCenter Server | enterprise | Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability | Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access t… | | 77.0% |
| Nov 21, 2025 | CVE-2025-61757 | | Oracle Fusion Middleware | database, enterprise | Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability | Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager. | | 87.8% |
| Oct 30, 2025 | CVE-2025-41244 | | Broadcom VMware Aria Operations and VMware Tools | enterprise | Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability | Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having a… | | 0.5% |
| Oct 20, 2025 | CVE-2025-61884 | Yes | Oracle E-Business Suite | database, enterprise | Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability | Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable wit… | | 51.1% |
| Oct 6, 2025 | CVE-2025-61882 | Yes | Oracle E-Business Suite | database, enterprise | Oracle E-Business Suite Unspecified Vulnerability | Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerability allows an unauthenticated attacker with network access via … | | 90.9% |
| Aug 26, 2025 | CVE-2025-7775 | | Citrix NetScaler | enterprise, vpn, remote | Citrix NetScaler Memory Overflow Vulnerability | Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service. | | 7.8% |
| Aug 25, 2025 | CVE-2024-8068 | | Citrix Session Recording | enterprise, vpn, remote | Citrix Session Recording Improper Privilege Management Vulnerability | Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an… | | 8.1% |
| Aug 25, 2025 | CVE-2024-8069 | | Citrix Session Recording | enterprise, vpn, remote | Citrix Session Recording Deserialization of Untrusted Data Vulnerability | Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with the privileges of a NetworkService Account. At… | | 48.3% |
| Jul 10, 2025 | CVE-2025-5777 | Yes | Citrix NetScaler ADC and Gateway | enterprise, vpn, remote | Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability | Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScale… | | 71.5% |
| Jun 30, 2025 | CVE-2025-6543 | | Citrix NetScaler ADC and Gateway | enterprise, vpn, remote | Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability | Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN vir… | | 1.1% |
| Jun 2, 2025 | CVE-2025-3935 | | ConnectWise ScreenConnect | enterprise, smb, essential | ConnectWise ScreenConnect Improper Authentication Vulnerability | ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execut… | | 6.1% |
| May 15, 2025 | CVE-2025-42999 | | SAP NetWeaver | enterprise | SAP NetWeaver Deserialization Vulnerability | SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availa… | | 38.6% |
| Apr 29, 2025 | CVE-2025-31324 | Yes | SAP NetWeaver | enterprise | SAP NetWeaver Unrestricted File Upload Vulnerability | SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable … | | 43.7% |
| Apr 28, 2025 | CVE-2025-1976 | | Broadcom Brocade Fabric OS | enterprise | Broadcom Brocade Fabric OS Code Injection Vulnerability | Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges. | | 0.9% |
| Mar 19, 2025 | CVE-2017-12637 | | SAP NetWeaver | enterprise | SAP NetWeaver Directory Traversal Vulnerability | SAP NetWeaver Application Server (AS) Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to rea… | | 93.4% |
| Mar 4, 2025 | CVE-2025-22224 | | VMware ESXi and Workstation | enterprise | VMware ESXi and Workstation TOCTOU Race Condition Vulnerability | VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an atta… | | 46.8% |
| Mar 4, 2025 | CVE-2025-22225 | Yes | VMware ESXi | enterprise | VMware ESXi Arbitrary Write Vulnerability | VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leadi… | | 9.8% |
| Mar 4, 2025 | CVE-2025-22226 | | VMware ESXi, Workstation, and Fusion | enterprise | VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administ… | | 4.2% |
| Mar 3, 2025 | CVE-2024-4885 | | Progress WhatsUp Gold | enterprise | Progress WhatsUp Gold Path Traversal Vulnerability | Progress WhatsUp Gold contains a path traversal vulnerability that allows an unauthenticated attacker to achieve remote code execution. | | 94.3% |

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.