Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 31–60 of 233 CVEs · Page 2 of 8 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Sep 3, 2025 CVE-2023-50224 TP-Link TL-WR841N
network
TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability
TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored …
1.5%
Sep 3, 2025 CVE-2025-9377 TP-Link Multiple Routers
network
TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability
TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL)…
26.9%
Sep 2, 2025 CVE-2020-24363 TP-Link TL-WA855RE
network
TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability
TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker (on the same network) to submi…
11.4%
Aug 5, 2025 CVE-2020-25078 D-Link DCS-2530L and DCS-2670L Devices
network
D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for remote administrator password disclosure. The impacted products could be end-of-l…
94.1%
Aug 5, 2025 CVE-2020-25079 D-Link DCS-2530L and DCS-2670L Devices
network
D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability
D-Link DCS-2530L and DCS-2670L devices contains a command injection vulnerability in the cgi-bin/ddns_enc.cgi. The impacted products could be end-of-life (EoL) and/or end-of-servi…
41.9%
Aug 5, 2025 CVE-2022-40799 D-Link DNR-322L
network
D-Link DNR-322L Download of Code Without Integrity Check Vulnerability
D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated attacker to execute OS level commands on the device. The impact…
57.0%
Jul 28, 2025 CVE-2025-20281 Cisco Identity Services Engine
network
Cisco Identity Services Engine Injection Vulnerability
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing …
33.5%
Jul 28, 2025 CVE-2025-20337 Cisco Identity Services Engine
network
Cisco Identity Services Engine Injection Vulnerability
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing …
1.4%
Jul 18, 2025 CVE-2025-25257 Fortinet FortiWeb
network vpn remote
Fortinet FortiWeb SQL Injection Vulnerability
Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
26.2%
Jul 7, 2025 CVE-2014-3931 Looking Glass Multi-Router Looking Glass (MRLG)
network
Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability
Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause an arbitrary memory write and memory corruption.
50.0%
Jun 25, 2025 CVE-2019-6693
Ransomware
Fortinet FortiOS
network vpn remote
Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of…
72.2%
Jun 25, 2025 CVE-2024-0769 D-Link DIR-859 Router
network
D-Link DIR-859 Router Path Traversal Vulnerability
D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the inp…
76.8%
Jun 16, 2025 CVE-2023-33538 TP-Link Multiple Routers
network
TP-Link Multiple Routers Command Injection Vulnerability
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm. The impacted products could be …
90.1%
May 14, 2025 CVE-2025-32756 Fortinet Multiple Products
network vpn remote
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or c…
19.7%
May 1, 2025 CVE-2023-44221 SonicWall SMA100 Appliances
network vpn remote
SonicWall SMA100 Appliances OS Command Injection Vulnerability
SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative priv…
23.1%
Apr 16, 2025 CVE-2021-20035 SonicWall SMA100 Appliances
network vpn remote
SonicWall SMA100 Appliances OS Command Injection Vulnerability
SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a…
12.8%
Mar 31, 2025 CVE-2024-20439 Cisco Smart Licensing Utility
network
Cisco Smart Licensing Utility Static Credential Vulnerability
Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative cr…
87.1%
Mar 18, 2025 CVE-2025-24472
Ransomware
Fortinet FortiOS and FortiProxy
network vpn remote
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
10.4%
Mar 13, 2025 CVE-2025-21590 Juniper Junos OS
network
Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary co…
1.7%
Mar 3, 2025 CVE-2023-20118 Cisco Small Business RV Series Routers
network
Cisco Small Business RV Series Routers Command Injection Vulnerability
Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authentica…
3.8%
Feb 20, 2025 CVE-2025-0111 Palo Alto Networks PAN-OS
network vpn remote
Palo Alto Networks PAN-OS File Read Vulnerability
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the man…
3.7%
Feb 18, 2025 CVE-2024-53704
Ransomware
SonicWall SonicOS
network vpn remote
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
93.9%
Feb 18, 2025 CVE-2025-0108 Palo Alto Networks PAN-OS
network vpn remote
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network acces…
94.1%
Feb 6, 2025 CVE-2020-15069 Sophos XG Firewall
endpoint network
Sophos XG Firewall Buffer Overflow Vulnerability
Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature.
82.6%
Feb 6, 2025 CVE-2020-29574 Sophos CyberoamOS
endpoint network
CyberoamOS (CROS) SQL Injection Vulnerability
CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.
10.1%
Jan 24, 2025 CVE-2025-23006
Ransomware
SonicWall SMA1000 Appliances
network vpn remote
SonicWall SMA1000 Appliances Deserialization Vulnerability
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, una…
50.1%
Jan 14, 2025 CVE-2024-55591
Ransomware
Fortinet FortiOS and FortiProxy
network vpn remote
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted reques…
94.1%
Dec 30, 2024 CVE-2024-3393 Palo Alto Networks PAN-OS
network vpn remote
Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacke…
79.7%
Nov 18, 2024 CVE-2024-0012
Ransomware
Palo Alto Networks PAN-OS
network vpn remote
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrat…
94.3%
Nov 18, 2024 CVE-2024-9474
Ransomware
Palo Alto Networks PAN-OS
network vpn remote
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, …
94.2%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.