Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jun 12, 2026 | CVE-2026-35273 (Ransomware) | Oracle PeopleSoft Enterprise PeopleTools | Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability: Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of … | 9.8 | 0.0% |
| Jun 2, 2026 | CVE-2022-0492 | Linux Kernel | Linux Kernel Improper Authentication Vulnerability: Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature. | — | 27.2% |
| Jun 1, 2026 | CVE-2024-21182 | Oracle WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability: Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successfu… | — | 89.7% |
| May 22, 2026 | CVE-2026-9082 | Drupal Core | Drupal Core SQL Injection Vulnerability: Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstra… | — | 10.4% |
| May 1, 2026 | CVE-2026-31431 | Linux Kernel | Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability: Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation. | — | 2.7% |
| Apr 16, 2026 | CVE-2026-34197 | Apache ActiveMQ | Apache ActiveMQ Improper Input Validation Vulnerability: Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection. | — | 83.5% |
| Jan 26, 2026 | CVE-2018-14634 | Linux Kernel | Linux Kernel Integer Overflow Vulnerability: Linux Kernel contains an integer overflow vulnerability in the create_elf_tables() function which could allow an unprivileged local user with access to SUID (or otherwise privileg… | — | 20.6% |
| Dec 29, 2025 | CVE-2025-14847 | MongoDB MongoDB and MongoDB Server | MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability: MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol headers. This vulnerability may allow a read of uninitiali… | — | 62.8% |
| Nov 21, 2025 | CVE-2025-61757 | Oracle Fusion Middleware | Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability: Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager. | — | 87.8% |
| Oct 24, 2025 | CVE-2025-59287 | Microsoft Windows | Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability: Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution. | — | 66.2% |
| Oct 20, 2025 | CVE-2025-61884 (Ransomware) | Oracle E-Business Suite | Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability: Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable wit… | — | 51.1% |
| Oct 6, 2025 | CVE-2021-22555 | Linux Kernel | Linux Kernel Heap Out-of-Bounds Write Vulnerability: Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space. | — | 85.2% |
| Oct 6, 2025 | CVE-2025-61882 (Ransomware) | Oracle E-Business Suite | Oracle E-Business Suite Unspecified Vulnerability: Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerability allows unauthenticated attacker with network access via … | — | 90.9% |
| Sep 4, 2025 | CVE-2025-38352 | Linux Kernel | Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability: Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability. | — | 0.1% |
| Jun 17, 2025 | CVE-2023-0386 | Linux Kernel | Linux Kernel Improper Ownership Management Vulnerability: Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel… | — | 48.5% |
| May 1, 2025 | CVE-2024-38475 | Apache HTTP Server | Apache HTTP Server Improper Escaping of Output Vulnerability: Apache HTTP Server contains an improper escaping of output vulnerability in mod_rewrite that allows an attacker to map URLs to filesystem locations that are permitted to be served… | — | 93.9% |
| Apr 9, 2025 | CVE-2024-53150 | Linux Kernel | Linux Kernel Out-of-Bounds Read Vulnerability: Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information. | — | 1.1% |
| Apr 9, 2025 | CVE-2024-53197 | Linux Kernel | Linux Kernel Out-of-Bounds Access Vulnerability: Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to pot… | — | 2.0% |
| Apr 1, 2025 | CVE-2025-24813 | Apache Tomcat | Apache Tomcat Path Equivalence Vulnerability: Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request. | — | 94.1% |
| Mar 4, 2025 | CVE-2024-50302 | Linux Kernel | Linux Kernel Use of Uninitialized Resource Vulnerability: The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report. | — | 2.6% |
| Feb 24, 2025 | CVE-2024-20953 | Oracle Agile Product Lifecycle Management (PLM) | Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability: Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the syste… | — | 67.9% |
| Feb 5, 2025 | CVE-2024-53104 | Linux Kernel | Linux Kernel Out-of-Bounds Write Vulnerability: Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of pri… | — | 18.0% |
| Feb 4, 2025 | CVE-2024-45195 | Apache OFBiz | Apache OFBiz Forced Browsing Vulnerability: Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access. | — | 94.1% |
| Jan 7, 2025 | CVE-2020-2883 | Oracle WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability: Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP… | — | 94.4% |
| Nov 21, 2024 | CVE-2024-21287 | Oracle Agile Product Lifecycle Management (PLM) | Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability: Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful ex… | — | 69.8% |
| Sep 18, 2024 | CVE-2020-0618 | Microsoft SQL Server | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability: Microsoft SQL Server Reporting Services contains a deserialization vulnerability when handling page requests incorrectly. An authenticated attacker can exploit this vulnerability … | — | 94.2% |
| Sep 18, 2024 | CVE-2020-14644 | Oracle WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability: Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can ex… | — | 93.6% |
| Sep 18, 2024 | CVE-2022-21445 | Oracle ADF Faces | Oracle ADF Faces Deserialization of Untrusted Data Vulnerability: Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution. | — | 92.0% |
| Sep 18, 2024 | CVE-2024-27348 | Apache HugeGraph-Server | Apache HugeGraph-Server Improper Access Control Vulnerability: Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code. | — | 94.3% |
| Sep 9, 2024 | CVE-2017-1000253 (Ransomware) | Linux Kernel | Linux Kernel PIE Stack Buffer Corruption Vulnerability: Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_binary() that allows a local attacker to escalate privileges. | — | 57.3% |

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.