Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Oct 6, 2025 | CVE-2013-3918 | Microsoft Windows |
Microsoft Windows Out-of-Bounds Write Vulnerability
Microsoft Windows contains an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control, icardie.dll. An attacker could exploit the vulnerability …
|
— | 88.5% |
| Oct 6, 2025 | CVE-2021-43226 | Microsoft Windows |
Microsoft Windows Privilege Escalation Vulnerability
Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
|
— | 8.4% |
| Sep 23, 2025 | CVE-2025-10585 | Google Chromium V8 |
Google Chromium V8 Type Confusion Vulnerability
Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.
|
— | 2.1% |
| Aug 21, 2025 | CVE-2025-43300 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.
|
— | 4.4% |
| Aug 12, 2025 | CVE-2007-0671 | Microsoft Office |
Microsoft Office Excel Remote Code Execution Vulnerability
Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered a…
|
— | 52.3% |
| Aug 12, 2025 | CVE-2013-3893 | Microsoft Internet Explorer |
Microsoft Internet Explorer Resource Management Errors Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life (EoL) and/or end-of-servic…
|
— | 84.9% |
| Jul 22, 2025 |
CVE-2025-49704
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Code Injection Vulnerability
Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2…
|
— | 59.6% |
| Jul 22, 2025 |
CVE-2025-49706
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Improper Authentication Vulnerability
Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow…
|
— | 73.8% |
| Jul 22, 2025 | CVE-2025-6558 | Google Chromium |
Google Chromium ANGLE and GPU Improper Input Validation Vulnerability
Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via …
|
— | 0.3% |
| Jul 20, 2025 |
CVE-2025-53770
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network. This v…
|
— | 88.2% |
| Jul 2, 2025 | CVE-2025-6554 | Google Chromium V8 |
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. This vulnerability could aff…
|
— | 1.6% |
| Jun 16, 2025 | CVE-2025-43200 | Apple Multiple Products |
Apple Multiple Products Unspecified Vulnerability
Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link.
|
— | 0.9% |
| Jun 10, 2025 | CVE-2025-33053 | Microsoft Windows |
Microsoft Windows External Control of File Name or Path Vulnerability
Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the Worki…
|
— | 50.3% |
| Jun 5, 2025 | CVE-2025-5419 | Google Chromium V8 |
Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This v…
|
— | 3.8% |
| Jun 2, 2025 | CVE-2025-3935 | ConnectWise ScreenConnect |
ConnectWise ScreenConnect Improper Authentication Vulnerability
ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execut…
|
— | 6.1% |
| May 13, 2025 | CVE-2025-30397 | Microsoft Windows |
Microsoft Windows Scripting Engine Type Confusion Vulnerability
Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.
|
— | 20.7% |
| May 13, 2025 | CVE-2025-30400 | Microsoft Windows |
Microsoft Windows DWM Core Library Use-After-Free Vulnerability
Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 0.9% |
| May 13, 2025 | CVE-2025-32701 | Microsoft Windows |
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 1.9% |
| May 13, 2025 | CVE-2025-32706 | Microsoft Windows |
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 1.1% |
| May 13, 2025 | CVE-2025-32709 | Microsoft Windows |
Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator.
|
— | 1.0% |
| Apr 17, 2025 | CVE-2025-24054 | Microsoft Windows |
Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.
|
— | 8.0% |
| Apr 17, 2025 | CVE-2025-31200 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafte…
|
— | 1.7% |
| Apr 17, 2025 | CVE-2025-31201 | Apple Multiple Products |
Apple Multiple Products Arbitrary Read and Write Vulnerability
Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication.
|
— | 3.4% |
| Apr 8, 2025 |
CVE-2025-29824
Ransomware |
Microsoft Windows |
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 0.8% |
| Mar 27, 2025 | CVE-2025-2783 | Google Chromium Mojo |
Google Chromium Mojo Sandbox Escape Vulnerability
Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances…
|
— | 44.0% |
| Mar 13, 2025 | CVE-2025-24201 | Apple Multiple Products |
Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Conten…
|
— | 0.2% |
| Mar 11, 2025 | CVE-2025-24983 | Microsoft Windows |
Microsoft Windows Win32k Use-After-Free Vulnerability
Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
|
— | 1.8% |
| Mar 11, 2025 | CVE-2025-24984 | Microsoft Windows |
Microsoft Windows NTFS Information Disclosure Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose inf…
|
— | 4.3% |
| Mar 11, 2025 | CVE-2025-24985 | Microsoft Windows |
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.
|
— | 2.1% |
| Mar 11, 2025 | CVE-2025-24991 | Microsoft Windows |
Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.
|
— | 1.6% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.