Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jun 8, 2026 | CVE-2026-50751 (Ransomware) | Check Point Security Gateway | Check Point Security Gateway Improper Authentication Vulnerability<br>Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authenticat… | 9.3 | 11.8% |
| May 20, 2026 | CVE-2008-4250 | Microsoft Windows | Microsoft Windows Buffer Overflow Vulnerability<br>Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that trig… | — | 91.8% |
| May 20, 2026 | CVE-2009-1537 | Microsoft DirectX | Microsoft DirectX NULL Byte Overwrite Vulnerability<br>Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbit… | — | 53.0% |
| May 20, 2026 | CVE-2010-0249 | Microsoft Internet Explorer | Microsoft Internet Explorer Use-After-Free Vulnerability<br>Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted o… | — | 88.7% |
| May 20, 2026 | CVE-2010-0806 | Microsoft Internet Explorer | Microsoft Internet Explorer Use-After-Free Vulnerability<br>Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer… | — | 87.3% |
| May 20, 2026 | CVE-2026-41091 | Microsoft Defender | Microsoft Defender Link Following Vulnerability<br>Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally. | — | 8.1% |
| May 20, 2026 | CVE-2026-45498 | Microsoft Defender | Microsoft Defender Denial of Service Vulnerability<br>Microsoft Defender contains an unspecified vulnerability that allows for denial of service. | — | 3.6% |
| May 15, 2026 | CVE-2026-42897 | Microsoft Microsoft | Microsoft Exchange Server Cross-Site Scripting Vulnerability<br>Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary… | — | 7.9% |
| Apr 28, 2026 | CVE-2026-32202 | Microsoft Windows | Microsoft Windows Protection Mechanism Failure Vulnerability<br>Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network. | — | 53.1% |
| Apr 22, 2026 | CVE-2026-33825 | Microsoft Defender | Microsoft Defender Insufficient Granularity of Access Control Vulnerability<br>Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally. | — | 9.0% |
| Apr 14, 2026 | CVE-2009-0238 | Microsoft Office | Microsoft Office Remote Code Execution<br>Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially craft… | — | 74.7% |
| Apr 14, 2026 | CVE-2026-32201 | Microsoft SharePoint Server | Microsoft SharePoint Server Improper Input Validation Vulnerability<br>Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network. | — | 7.9% |
| Apr 13, 2026 | CVE-2012-1854 | Microsoft Visual Basic for Applications (VBA) | Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability<br>Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution. | — | 3.1% |
| Apr 13, 2026 | CVE-2023-21529 (Ransomware) | Microsoft Exchange Server | Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability<br>Microsoft Exchange Server contains a deserialization of untrusted data vulnerability that allows an authenticated attacker to achieve remote code execution. | — | 27.0% |
| Apr 13, 2026 | CVE-2023-36424 | Microsoft Windows | Microsoft Windows Out-of-Bounds Read Vulnerability<br>Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor to escalate privileges. | — | 9.8% |
| Apr 13, 2026 | CVE-2025-60710 | Microsoft Windows | Microsoft Windows Link Following Vulnerability<br>Microsoft Windows contains a link following vulnerability that allows for privilege escalation. | — | 19.0% |
| Mar 18, 2026 | CVE-2026-20963 | Microsoft SharePoint | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability<br>Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network. | — | 8.1% |
| Feb 17, 2026 | CVE-2008-0015 | Microsoft Windows | Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability<br>Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. W… | — | 81.6% |
| Feb 12, 2026 | CVE-2024-43468 | Microsoft Configuration Manager | Microsoft Configuration Manager SQL Injection Vulnerability<br>Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the … | — | 83.1% |
| Feb 10, 2026 | CVE-2026-21510 | Microsoft Windows | Microsoft Windows Shell Protection Mechanism Failure Vulnerability<br>Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network. | — | 7.1% |
| Feb 10, 2026 | CVE-2026-21513 | Microsoft Windows | Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability<br>Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network. | — | 27.8% |
| Feb 10, 2026 | CVE-2026-21514 | Microsoft Office | Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability<br>Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally. | — | 5.3% |
| Feb 10, 2026 | CVE-2026-21519 | Microsoft Windows | Microsoft Windows Type Confusion Vulnerability<br>Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally. | — | 4.2% |
| Feb 10, 2026 | CVE-2026-21525 | Microsoft Windows | Microsoft Windows NULL Pointer Dereference Vulnerability<br>Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally. | — | 8.8% |
| Feb 10, 2026 | CVE-2026-21533 | Microsoft Windows | Microsoft Windows Improper Privilege Management Vulnerability<br>Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally. | — | 19.1% |
| Jan 26, 2026 | CVE-2026-21509 | Microsoft Office | Microsoft Office Security Feature Bypass Vulnerability<br>Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security decision in Microsoft Office could allow an unauthorized atta… | — | 7.9% |
| Jan 13, 2026 | CVE-2026-20805 | Microsoft Windows | Microsoft Windows Information Disclosure Vulnerability<br>Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally. | — | 2.3% |
| Jan 7, 2026 | CVE-2009-0556 | Microsoft Office | Microsoft Office PowerPoint Code Injection Vulnerability<br>Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom contain… | — | 59.0% |
| Dec 9, 2025 | CVE-2025-62221 | Microsoft Windows | Microsoft Windows Use After Free Vulnerability<br>Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally. | — | 1.5% |
| Nov 12, 2025 | CVE-2025-62215 | Microsoft Windows | Microsoft Windows Race Condition Vulnerability<br>Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vul… | — | 2.4% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.