Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Apr 9, 2025 | CVE-2024-53150 | Linux Kernel |
Linux Kernel Out-of-Bounds Read Vulnerability
Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information.
|
— | 1.1% |
| Apr 9, 2025 | CVE-2024-53197 | Linux Kernel |
Linux Kernel Out-of-Bounds Access Vulnerability
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to pot…
|
— | 2.0% |
| Apr 8, 2025 |
CVE-2025-29824
Ransomware |
Microsoft Windows |
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 0.8% |
| Apr 8, 2025 | CVE-2025-30406 | Gladinet CentreStack |
Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability
Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verificatio…
|
— | 85.4% |
| Apr 7, 2025 |
CVE-2025-31161
Ransomware |
CrushFTP CrushFTP |
CrushFTP Authentication Bypass Vulnerability
CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable u…
|
— | 88.9% |
| Apr 4, 2025 |
CVE-2025-22457
Ransomware |
Ivanti Connect Secure, Policy Secure, and ZTA Gateways |
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code ex…
|
— | 58.9% |
| Apr 1, 2025 | CVE-2025-24813 | Apache Tomcat |
Apache Tomcat Path Equivalence Vulnerability
Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.
|
— | 94.1% |
| Mar 31, 2025 | CVE-2024-20439 | Cisco Smart Licensing Utility |
Cisco Smart Licensing Utility Static Credential Vulnerability
Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative cr…
|
— | 87.1% |
| Mar 27, 2025 | CVE-2025-2783 | Google Chromium Mojo |
Google Chromium Mojo Sandbox Escape Vulnerability
Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances…
|
— | 44.0% |
| Mar 26, 2025 | CVE-2019-9874 | Sitecore CMS and Experience Platform (XP) |
Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
Sitecore CMS and Experience Platform (XP) contain a deserialization vulnerability in the Sitecore.Security.AntiCSRF module that allows an unauthenticated attacker to execute arbit…
|
— | 87.6% |
| Mar 26, 2025 | CVE-2019-9875 | Sitecore CMS and Experience Platform (XP) |
Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
Sitecore CMS and Experience Platform (XP) contain a deserialization vulnerability in the Sitecore.Security.AntiCSRF module that allows an authenticated attacker to execute arbitra…
|
— | 56.7% |
| Mar 24, 2025 | CVE-2025-30154 | reviewdog action-setup GitHub Action |
reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability
reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs.
|
— | 44.2% |
| Mar 19, 2025 | CVE-2017-12637 | SAP NetWeaver |
SAP NetWeaver Directory Traversal Vulnerability
SAP NetWeaver Application Server (AS) Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to rea…
|
— | 93.4% |
| Mar 19, 2025 | CVE-2024-48248 | NAKIVO Backup and Replication |
NAKIVO Backup and Replication Absolute Path Traversal Vulnerability
NAKIVO Backup and Replication contains an absolute path traversal vulnerability that enables an attacker to read arbitrary files.
|
— | 94.0% |
| Mar 19, 2025 | CVE-2025-1316 | Edimax IC-7100 IP Camera |
Edimax IC-7100 IP Camera OS Command Injection Vulnerability
Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially c…
|
— | 86.7% |
| Mar 18, 2025 |
CVE-2025-24472
Ransomware |
Fortinet FortiOS and FortiProxy |
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
|
— | 10.4% |
| Mar 18, 2025 | CVE-2025-30066 | tj-actions changed-files GitHub Action |
tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability
tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs.…
|
— | 91.5% |
| Mar 13, 2025 | CVE-2025-21590 | Juniper Junos OS |
Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary co…
|
— | 1.7% |
| Mar 13, 2025 | CVE-2025-24201 | Apple Multiple Products |
Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Conten…
|
— | 0.2% |
| Mar 11, 2025 | CVE-2025-24983 | Microsoft Windows |
Microsoft Windows Win32k Use-After-Free Vulnerability
Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 1.8% |
| Mar 11, 2025 | CVE-2025-24984 | Microsoft Windows |
Microsoft Windows NTFS Information Disclosure Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose inf…
|
— | 4.3% |
| Mar 11, 2025 | CVE-2025-24985 | Microsoft Windows |
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.
|
— | 2.1% |
| Mar 11, 2025 | CVE-2025-24991 | Microsoft Windows |
Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.
|
— | 1.6% |
| Mar 11, 2025 | CVE-2025-24993 | Microsoft Windows |
Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally.
|
— | 2.5% |
| Mar 11, 2025 |
CVE-2025-26633
Ransomware |
Microsoft Windows |
Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.
|
— | 45.3% |
| Mar 10, 2025 | CVE-2024-13159 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
|
— | 94.0% |
| Mar 10, 2025 | CVE-2024-13160 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
|
— | 93.8% |
| Mar 10, 2025 | CVE-2024-13161 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
|
— | 91.8% |
| Mar 10, 2025 | CVE-2024-57968 | Advantive VeraCore |
Advantive VeraCore Unrestricted File Upload Vulnerability
Advantive VeraCore contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload files to unintended folders via upload.apsx.
|
— | 41.1% |
| Mar 10, 2025 | CVE-2025-25181 | Advantive VeraCore |
Advantive VeraCore SQL Injection Vulnerability
Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter.
|
— | 72.1% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.