Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jun 9, 2026 | CVE-2026-11645 | Google Chromium V8 | Google Chromium V8 Out-of-Bounds Read and Write Vulnerability<br>Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerabi… | 8.8 | 5.5% |
| May 20, 2026 | CVE-2008-4250 | Microsoft Windows | Microsoft Windows Buffer Overflow Vulnerability<br>Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that trig… | — | 91.8% |
| May 20, 2026 | CVE-2009-1537 | Microsoft DirectX | Microsoft DirectX NULL Byte Overwrite Vulnerability<br>Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbit… | — | 53.0% |
| May 20, 2026 | CVE-2009-3459 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability<br>Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memor… | — | 88.1% |
| May 20, 2026 | CVE-2010-0249 | Microsoft Internet Explorer | Microsoft Internet Explorer Use-After-Free Vulnerability<br>Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted o… | — | 88.7% |
| May 20, 2026 | CVE-2010-0806 | Microsoft Internet Explorer | Microsoft Internet Explorer Use-After-Free Vulnerability<br>Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer… | — | 87.3% |
| May 20, 2026 | CVE-2026-41091 | Microsoft Defender | Microsoft Defender Link Following Vulnerability<br>Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally. | — | 8.1% |
| May 20, 2026 | CVE-2026-45498 | Microsoft Defender | Microsoft Defender Denial of Service Vulnerability<br>Microsoft Defender contains an unspecified vulnerability that allows for denial of service. | — | 3.6% |
| May 15, 2026 | CVE-2026-42897 | Microsoft Microsoft | Microsoft Exchange Server Cross-Site Scripting Vulnerability<br>Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary… | — | 7.9% |
| Apr 28, 2026 | CVE-2024-1708 (Ransomware) | ConnectWise ScreenConnect | ConnectWise ScreenConnect Path Traversal Vulnerability<br>ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems. | — | 84.8% |
| Apr 28, 2026 | CVE-2026-32202 | Microsoft Windows | Microsoft Windows Protection Mechanism Failure Vulnerability<br>Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network. | — | 53.1% |
| Apr 22, 2026 | CVE-2026-33825 | Microsoft Defender | Microsoft Defender Insufficient Granularity of Access Control Vulnerability<br>Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally. | — | 9.0% |
| Apr 14, 2026 | CVE-2009-0238 | Microsoft Office | Microsoft Office Remote Code Execution<br>Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially craft… | — | 74.7% |
| Apr 14, 2026 | CVE-2026-32201 | Microsoft SharePoint Server | Microsoft SharePoint Server Improper Input Validation Vulnerability<br>Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network. | — | 7.9% |
| Apr 13, 2026 | CVE-2012-1854 | Microsoft Visual Basic for Applications (VBA) | Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability<br>Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution. | — | 3.1% |
| Apr 13, 2026 | CVE-2020-9715 | Adobe Acrobat | Adobe Acrobat Use-After-Free Vulnerability<br>Adobe Acrobat contains a use-after-free vulnerability that allows for code execution. | — | 79.2% |
| Apr 13, 2026 | CVE-2023-21529 (Ransomware) | Microsoft Exchange Server | Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability<br>Microsoft Exchange Server contains a deserialization of untrusted data vulnerability that allows an authenticated attacker to achieve remote code execution. | — | 27.0% |
| Apr 13, 2026 | CVE-2023-36424 | Microsoft Windows | Microsoft Windows Out-of-Bounds Read Vulnerability<br>Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor to escalate privileges. | — | 9.8% |
| Apr 13, 2026 | CVE-2025-60710 | Microsoft Windows | Microsoft Windows Link Following Vulnerability<br>Microsoft Windows contains a link following vulnerability that allows for privilege escalation. | — | 19.0% |
| Apr 13, 2026 | CVE-2026-34621 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Prototype Pollution Vulnerability<br>Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution. | — | 11.0% |
| Apr 1, 2026 | CVE-2026-5281 | Google Dawn | Google Dawn Use-After-Free Vulnerability<br>Google Dawn contains a use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.… | — | 0.9% |
| Mar 20, 2026 | CVE-2025-31277 | Apple Multiple Products | Apple Multiple Products Buffer Overflow Vulnerability<br>Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may … | — | 0.3% |
| Mar 20, 2026 | CVE-2025-43510 | Apple Multiple Products | Apple Multiple Products Improper Locking Vulnerability<br>Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shar… | — | 0.3% |
| Mar 20, 2026 | CVE-2025-43520 | Apple Multiple Products | Apple Multiple Products Classic Buffer Overflow Vulnerability<br>Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system terminat… | — | 0.3% |
| Mar 18, 2026 | CVE-2026-20963 | Microsoft SharePoint | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability<br>Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network. | — | 8.1% |
| Mar 13, 2026 | CVE-2026-3909 | Google Skia | Google Skia Out-of-Bounds Write Vulnerability<br>Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability aff… | — | 0.5% |
| Mar 13, 2026 | CVE-2026-3910 | Google Chromium V8 | Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability<br>Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code i… | — | 3.2% |
| Mar 5, 2026 | CVE-2021-30952 | Apple Multiple Products | Apple Multiple Products Integer Overflow or Wraparound Vulnerability<br>Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arb… | — | 0.8% |
| Mar 5, 2026 | CVE-2023-41974 | Apple iOS and iPadOS | Apple iOS and iPadOS Use-After-Free Vulnerability<br>Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges. | — | 0.2% |
| Mar 5, 2026 | CVE-2023-43000 | Apple Multiple Products | Apple Multiple Products Use-After-Free Vulnerability<br>Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead to memory corruption. | — | 0.0% |

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.