Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 1–3 of 3 CVEs · Page 1 of 1 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Mar 5, 2026 CVE-2021-22681 Rockwell Multiple Products
ics ot
Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to v…
20.4%
Apr 15, 2022 CVE-2018-7841 Schneider Electric U.motion Builder
ics ot
Schneider Electric U.motion Builder SQL Injection Vulnerability
A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
59.3%
Mar 3, 2022 CVE-2016-8562 Siemens SIMATIC CP
ics ot
Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability
An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of servi…
18.5%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.