Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Sep 3, 2025 | CVE-2025-9377 | TP-Link Multiple Routers |
TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability
TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL)…
|
— | 26.9% |
| Sep 2, 2025 | CVE-2020-24363 | TP-Link TL-WA855RE |
TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability
TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allow an unauthenticated attacker (on the same network) to submi…
|
— | 11.4% |
| Sep 2, 2025 | CVE-2025-55177 | Meta Platforms WhatsApp |
Meta Platforms WhatsApp Incorrect Authorization Vulnerability
Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked device synchronization messages. This vulnerability could al…
|
— | 0.8% |
| Aug 29, 2025 | CVE-2025-57819 | Sangoma FreePBX |
Sangoma FreePBX Authentication Bypass Vulnerability
Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading t…
|
— | 76.7% |
| Aug 26, 2025 | CVE-2025-7775 | Citrix NetScaler |
Citrix NetScaler Memory Overflow Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.
|
— | 7.8% |
| Aug 25, 2025 | CVE-2024-8068 | Citrix Session Recording |
Citrix Session Recording Improper Privilege Management Vulnerability
Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an…
|
— | 8.1% |
| Aug 25, 2025 | CVE-2024-8069 | Citrix Session Recording |
Citrix Session Recording Deserialization of Untrusted Data Vulnerability
Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. At…
|
— | 48.3% |
| Aug 25, 2025 | CVE-2025-48384 | Git Git |
Git Link Following Vulnerability
Git contains a link following vulnerability that stems from Git’s inconsistent handling of carriage return characters in configuration files.
|
— | 0.6% |
| Aug 21, 2025 | CVE-2025-43300 | Apple iOS, iPadOS, and macOS |
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.
|
— | 4.4% |
| Aug 18, 2025 | CVE-2025-54948 | Trend Micro Apex One |
Trend Micro Apex One OS Command Injection Vulnerability
Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability that could allow a pre-authenticated remote attacker to upload malicious code a…
|
— | 13.9% |
| Aug 13, 2025 | CVE-2025-8875 | N-able N-Central |
N-able N-Central Insecure Deserialization Vulnerability
N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution.
|
— | 3.8% |
| Aug 13, 2025 | CVE-2025-8876 | N-able N-Central |
N-able N-Central Command Injection Vulnerability
N-able N-Central contains a command injection vulnerability via improper sanitization of user input.
|
— | 11.7% |
| Aug 12, 2025 | CVE-2007-0671 | Microsoft Office |
Microsoft Office Excel Remote Code Execution Vulnerability
Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered a…
|
— | 52.3% |
| Aug 12, 2025 | CVE-2013-3893 | Microsoft Internet Explorer |
Microsoft Internet Explorer Resource Management Errors Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life (EoL) and/or end-of-servic…
|
— | 84.9% |
| Aug 12, 2025 | CVE-2025-8088 | RARLAB WinRAR |
RARLAB WinRAR Path Traversal Vulnerability
RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting mal…
|
— | 11.6% |
| Aug 5, 2025 | CVE-2020-25078 | D-Link DCS-2530L and DCS-2670L Devices |
D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for remote administrator password disclosure. The impacted products could be end-of-l…
|
— | 94.1% |
| Aug 5, 2025 | CVE-2020-25079 | D-Link DCS-2530L and DCS-2670L Devices |
D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability
D-Link DCS-2530L and DCS-2670L devices contains a command injection vulnerability in the cgi-bin/ddns_enc.cgi. The impacted products could be end-of-life (EoL) and/or end-of-servi…
|
— | 41.9% |
| Aug 5, 2025 | CVE-2022-40799 | D-Link DNR-322L |
D-Link DNR-322L Download of Code Without Integrity Check Vulnerability
D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated attacker to execute OS level commands on the device. The impact…
|
— | 57.0% |
| Jul 28, 2025 | CVE-2023-2533 | PaperCut NG/MF |
PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability
PaperCut NG/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific conditions, could potentially enable an attacker to alter security settings or exe…
|
— | 36.3% |
| Jul 28, 2025 | CVE-2025-20281 | Cisco Identity Services Engine |
Cisco Identity Services Engine Injection Vulnerability
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing …
|
— | 33.5% |
| Jul 28, 2025 | CVE-2025-20337 | Cisco Identity Services Engine |
Cisco Identity Services Engine Injection Vulnerability
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing …
|
— | 1.4% |
| Jul 22, 2025 | CVE-2025-2775 | SysAid SysAid On-Prem |
SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover…
|
— | 69.3% |
| Jul 22, 2025 | CVE-2025-2776 | SysAid SysAid On-Prem |
SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL processing functionality, allowing for administrator account takeo…
|
— | 62.6% |
| Jul 22, 2025 |
CVE-2025-49704
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Code Injection Vulnerability
Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2…
|
— | 59.6% |
| Jul 22, 2025 |
CVE-2025-49706
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Improper Authentication Vulnerability
Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow…
|
— | 73.8% |
| Jul 22, 2025 | CVE-2025-54309 | CrushFTP CrushFTP |
CrushFTP Unprotected Alternate Channel Vulnerability
CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obt…
|
— | 76.8% |
| Jul 22, 2025 | CVE-2025-6558 | Google Chromium |
Google Chromium ANGLE and GPU Improper Input Validation Vulnerability
Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via …
|
— | 0.3% |
| Jul 20, 2025 |
CVE-2025-53770
Ransomware |
Microsoft SharePoint |
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network. This v…
|
— | 88.2% |
| Jul 18, 2025 | CVE-2025-25257 | Fortinet FortiWeb |
Fortinet FortiWeb SQL Injection Vulnerability
Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
|
— | 26.2% |
| Jul 14, 2025 | CVE-2025-47812 | Wing FTP Server Wing FTP Server |
Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability
Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injection of arbitrary Lua code into user session files. This can be…
|
— | 92.9% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.