Full CISA KEV catalog

Every CVE that CISA (the U.S. Cybersecurity and Infrastructure Security Agency) has flagged as actively exploited. Filter by category, sort by severity or exploit likelihood, search by vendor or product.

Showing 1–30 of 132 CVEs (page 1 of 5, 30 per page).

Each entry gives the date added · CVE ID · vendor / product · category tags (plus a Ransomware flag where shown), followed by the vulnerability name, its description, and the CVSS and EPSS scores where available.

Jun 12, 2026 · CVE-2026-35273 · Oracle PeopleSoft Enterprise PeopleTools · database, enterprise · Ransomware
Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of …
CVSS 9.8 · EPSS 0.0%

Jun 2, 2026 · CVE-2022-0492 · Linux Kernel · server, os
Linux Kernel Improper Authentication Vulnerability
Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.
EPSS 27.2%

Jun 1, 2026 · CVE-2024-21182 · Oracle WebLogic Server · database, enterprise
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successfu…
EPSS 89.7%

May 22, 2026 · CVE-2026-9082 · Drupal Core · web, server
Drupal Core SQL Injection Vulnerability
Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstra…
EPSS 10.4%

May 1, 2026 · CVE-2026-31431 · Linux Kernel · server, os
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
EPSS 2.7%

Apr 16, 2026 · CVE-2026-34197 · Apache ActiveMQ · web, server
Apache ActiveMQ Improper Input Validation Vulnerability
Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.
EPSS 83.5%

Jan 26, 2026 · CVE-2018-14634 · Linux Kernel · server, os
Linux Kernel Integer Overflow Vulnerability
Linux Kernel contains an integer overflow vulnerability in the create_elf_tables() function which could allow an unprivileged local user with access to SUID (or otherwise privileg…
EPSS 20.6%

Dec 29, 2025 · CVE-2025-14847 · MongoDB MongoDB and MongoDB Server · database
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability
MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol headers. This vulnerability may allow a read of uninitiali…
EPSS 62.8%

Nov 21, 2025 · CVE-2025-61757 · Oracle Fusion Middleware · database, enterprise
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability
Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.
EPSS 87.8%

Oct 24, 2025 · CVE-2025-59287 · Microsoft Windows · endpoint, m365, server, os, smb, essential
Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.
EPSS 66.2%

Oct 20, 2025 · CVE-2025-61884 · Oracle E-Business Suite · database, enterprise · Ransomware
Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability
Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable wit…
EPSS 51.1%

Oct 6, 2025 · CVE-2021-22555 · Linux Kernel · server, os
Linux Kernel Heap Out-of-Bounds Write Vulnerability
Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.
EPSS 85.2%

Oct 6, 2025 · CVE-2025-61882 · Oracle E-Business Suite · database, enterprise · Ransomware
Oracle E-Business Suite Unspecified Vulnerability
Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerability allows unauthenticated attacker with network access via …
EPSS 90.9%

Sep 4, 2025 · CVE-2025-38352 · Linux Kernel · server, os
Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability
Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability.
EPSS 0.1%

Jun 17, 2025 · CVE-2023-0386 · Linux Kernel · server, os
Linux Kernel Improper Ownership Management Vulnerability
Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel…
EPSS 48.5%

May 1, 2025 · CVE-2024-38475 · Apache HTTP Server · web, server
Apache HTTP Server Improper Escaping of Output Vulnerability
Apache HTTP Server contains an improper escaping of output vulnerability in mod_rewrite that allows an attacker to map URLs to filesystem locations that are permitted to be served…
EPSS 93.9%

Apr 9, 2025 · CVE-2024-53150 · Linux Kernel · server, os
Linux Kernel Out-of-Bounds Read Vulnerability
Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information.
EPSS 1.1%

Apr 9, 2025 · CVE-2024-53197 · Linux Kernel · server, os
Linux Kernel Out-of-Bounds Access Vulnerability
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to pot…
EPSS 2.0%

Apr 1, 2025 · CVE-2025-24813 · Apache Tomcat · web, server
Apache Tomcat Path Equivalence Vulnerability
Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.
EPSS 94.1%

Mar 4, 2025 · CVE-2024-50302 · Linux Kernel · server, os
Linux Kernel Use of Uninitialized Resource Vulnerability
The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report.
EPSS 2.6%

Feb 24, 2025 · CVE-2024-20953 · Oracle Agile Product Lifecycle Management (PLM) · database, enterprise
Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the syste…
EPSS 67.9%

Feb 5, 2025 · CVE-2024-53104 · Linux Kernel · server, os
Linux Kernel Out-of-Bounds Write Vulnerability
Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of pri…
EPSS 18.0%

Feb 4, 2025 · CVE-2024-45195 · Apache OFBiz · web, server
Apache OFBiz Forced Browsing Vulnerability
Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.
EPSS 94.1%

Jan 7, 2025 · CVE-2020-2883 · Oracle WebLogic Server · database, enterprise
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP…
EPSS 94.4%

Nov 21, 2024 · CVE-2024-21287 · Oracle Agile Product Lifecycle Management (PLM) · database, enterprise
Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability
Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful ex…
EPSS 69.8%

Sep 18, 2024 · CVE-2020-0618 · Microsoft SQL Server · database, endpoint, m365, smb, essential
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
Microsoft SQL Server Reporting Services contains a deserialization vulnerability when handling page requests incorrectly. An authenticated attacker can exploit this vulnerability …
EPSS 94.2%

Sep 18, 2024 · CVE-2020-14644 · Oracle WebLogic Server · database, enterprise
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can ex…
EPSS 93.6%

Sep 18, 2024 · CVE-2022-21445 · Oracle ADF Faces · database, enterprise
Oracle ADF Faces Deserialization of Untrusted Data Vulnerability
Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution.
EPSS 92.0%

Sep 18, 2024 · CVE-2024-27348 · Apache HugeGraph-Server · web, server
Apache HugeGraph-Server Improper Access Control Vulnerability
Apache HugeGraph-Server contains an improper access control vulnerability that could allow a remote attacker to execute arbitrary code.
EPSS 94.3%

Sep 9, 2024 · CVE-2017-1000253 · Linux Kernel · server, os · Ransomware
Linux Kernel PIE Stack Buffer Corruption Vulnerability
Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_binary() that allows a local attacker to escalate privileges.
EPSS 57.3%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.