Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Mar 18, 2025 |
CVE-2025-24472
Ransomware |
Fortinet FortiOS and FortiProxy |
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
|
— | 10.4% |
| Mar 10, 2025 | CVE-2024-13159 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
|
— | 94.0% |
| Mar 10, 2025 | CVE-2024-13160 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
|
— | 93.8% |
| Mar 10, 2025 | CVE-2024-13161 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
|
— | 91.8% |
| Feb 20, 2025 | CVE-2025-0111 | Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS File Read Vulnerability
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the man…
|
— | 3.7% |
| Feb 18, 2025 |
CVE-2024-53704
Ransomware |
SonicWall SonicOS |
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
|
— | 93.9% |
| Feb 18, 2025 | CVE-2025-0108 | Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network acces…
|
— | 94.1% |
| Jan 24, 2025 |
CVE-2025-23006
Ransomware |
SonicWall SMA1000 Appliances |
SonicWall SMA1000 Appliances Deserialization Vulnerability
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, una…
|
— | 50.1% |
| Jan 14, 2025 |
CVE-2024-55591
Ransomware |
Fortinet FortiOS and FortiProxy |
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted reques…
|
— | 94.1% |
| Jan 8, 2025 |
CVE-2025-0282
Ransomware |
Ivanti Connect Secure, Policy Secure, and ZTA Gateways |
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
|
— | 94.1% |
| Dec 30, 2024 | CVE-2024-3393 | Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacke…
|
— | 79.7% |
| Nov 18, 2024 |
CVE-2024-0012
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrat…
|
— | 94.3% |
| Nov 18, 2024 |
CVE-2024-9474
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, …
|
— | 94.2% |
| Nov 14, 2024 | CVE-2024-9463 | Palo Alto Networks Expedition |
Palo Alto Networks Expedition OS Command Injection Vulnerability
Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting …
|
— | 94.2% |
| Nov 14, 2024 | CVE-2024-9465 | Palo Alto Networks Expedition |
Palo Alto Networks Expedition SQL Injection Vulnerability
Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usern…
|
— | 94.3% |
| Nov 7, 2024 | CVE-2024-5910 | Palo Alto Networks Expedition |
Palo Alto Networks Expedition Missing Authentication Vulnerability
Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially a…
|
— | 91.0% |
| Oct 23, 2024 | CVE-2024-47575 | Fortinet FortiManager |
Fortinet FortiManager Missing Authentication Vulnerability
Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via …
|
— | 93.9% |
| Oct 9, 2024 | CVE-2024-23113 | Fortinet Multiple Products |
Fortinet Multiple Products Format String Vulnerability
Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via…
|
— | 54.4% |
| Oct 9, 2024 | CVE-2024-9379 | Ivanti Cloud Services Appliance (CSA) |
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated a…
|
— | 81.7% |
| Oct 9, 2024 | CVE-2024-9380 | Ivanti Cloud Services Appliance (CSA) |
Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin…
|
— | 88.1% |
| Oct 2, 2024 | CVE-2024-29824 | Ivanti Endpoint Manager (EPM) |
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.
|
— | 94.0% |
| Sep 24, 2024 | CVE-2024-7593 | Ivanti Virtual Traffic Manager |
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.
|
— | 94.4% |
| Sep 19, 2024 | CVE-2024-8963 | Ivanti Cloud Services Appliance (CSA) |
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8…
|
— | 94.2% |
| Sep 13, 2024 | CVE-2024-8190 | Ivanti Cloud Services Appliance |
Ivanti Cloud Services Appliance OS Command Injection Vulnerability
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin…
|
— | 91.9% |
| Sep 9, 2024 |
CVE-2024-40766
Ransomware |
SonicWall SonicOS |
SonicWall SonicOS Improper Access Control Vulnerability
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
|
— | 3.4% |
| May 30, 2024 |
CVE-2024-24919
Ransomware |
Check Point Quantum Security Gateways |
Check Point Quantum Security Gateways Information Disclosure Vulnerability
Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gatewa…
|
— | 94.3% |
| Apr 12, 2024 |
CVE-2024-3400
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Command Injection Vulnerability
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the …
|
— | 94.3% |
| Mar 25, 2024 |
CVE-2021-44529
Ransomware |
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) |
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permis…
|
— | 94.5% |
| Mar 25, 2024 |
CVE-2023-48788
Ransomware |
Fortinet FortiClient EMS |
Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.
|
— | 94.1% |
| Feb 9, 2024 |
CVE-2024-21762
Ransomware |
Fortinet FortiOS |
Fortinet FortiOS Out-of-Bound Write Vulnerability
Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.
|
— | 92.6% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.