CISA KEV

The ‘Must-Patch’ List: CISA Adds Actively Exploited SolarWinds, Ivanti, and Omnissa Flaws to KEV CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

The ‘Must-Patch’ List: CISA Adds Actively Exploited SolarWinds, Ivanti, and Omnissa Flaws to KEV

Do Son March 10, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding three...

CISA Adds Qualcomm and VMware Flaws to Known Exploited Catalog Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Adds Qualcomm and VMware Flaws to Known Exploited Catalog

Do Son March 4, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding two...

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover BeyondTrust Vulnerability CVE-2026-1731

BeyondTrust Vulnerability CVE-2026-1731

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover

Do Son February 15, 2026

A critical vulnerability in widely used remote access software is currently under active attack, with threat actors...

PoC Released for Critical Oracle E-Business Suite Flaw Exploited by Ransomware Oracle E-Business Suite RCE CVE-2025-61882 PoC

Oracle E-Business Suite RCE CVE-2025-61882 PoC

PoC Released for Critical Oracle E-Business Suite Flaw Exploited by Ransomware

Do Son January 26, 2026

Vietnamese security researcher MB VRED has publicly released the technical blueprints and proof-of-concept (PoC) exploit code for...

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild

Do Son January 25, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom VMware vCenter Server...

CISA Alert: MongoBleed Added to KEV Catalog as 80,000+ Servers Face Active Exploitation Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

CISA Alert: MongoBleed Added to KEV Catalog as 80,000+ Servers Face Active Exploitation

Do Son December 30, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has officially sounded the alarm on a critical vulnerability in...

CISA Alert: Chinese Hackers Weaponize CVSS 10 Cisco Zero-Day & SonicWall Exploit Chains CISA KEV Update, Cisco Zero-Day KEV Vulnerabilities

CISA KEV Update, Cisco Zero-Day KEV Vulnerabilities

CISA Alert: Chinese Hackers Weaponize CVSS 10 Cisco Zero-Day & SonicWall Exploit Chains

Do Son December 18, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive adding three critical vulnerabilities to...

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning

Do Son December 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the widely used OSGeo...

CISA KEV Alert: WinRAR Zero-Day Used for Malware Injection and Windows UAF RCE Under Active Attack n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA KEV Alert: WinRAR Zero-Day Used for Malware Injection and Windows UAF RCE Under Active Attack

Do Son December 10, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new mandate for federal agencies to patch...

CISA KEV Alert: EOL D-Link and Array Networks Command Injection Under Active Attack Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA KEV Alert: EOL D-Link and Array Networks Command Injection Under Active Attack

Do Son December 9, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two...

CISA KEV Alert: FortiWeb RCE Flaw (CVE-2025-58034) Under Active Exploitation for Command Injection

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

CISA KEV Alert: FortiWeb RCE Flaw (CVE-2025-58034) Under Active Exploitation for Command Injection

Do Son November 19, 2025

Fortinet has issued an urgent advisory warning customers that a newly disclosed vulnerability in FortiWeb, tracked as...

CISA KEV Alert: Two Critical Flaws Under Active Exploitation, Including Gladinet LFI/RCE and CWP Admin Takeover n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA KEV Alert: Two Critical Flaws Under Active Exploitation, Including Gladinet LFI/RCE and CWP Admin Takeover

Do Son November 5, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities—CVE-2025-11371 in Gladinet CentreStack and...

Chinese APT BRONZE BUTLER Exploits LANSCOPE Zero-Day for SYSTEM Control BRONZE BUTLER, Zero-Day

BRONZE BUTLER, Zero-Day

Chinese APT BRONZE BUTLER Exploits LANSCOPE Zero-Day for SYSTEM Control

Do Son October 31, 2025

A sophisticated campaign executed by the Chinese state-sponsored threat group BRONZE BUTLER (also known as Tick) has...

CISA KEV Alert: Critical DELMIA Apriso Flaws Under Active Exploitation Allow RCE and Privileged Access actively exploited vulnerabilities Android privilege escalation flaw DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

actively exploited vulnerabilities Android privilege escalation flaw DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

CISA KEV Alert: Critical DELMIA Apriso Flaws Under Active Exploitation Allow RCE and Privileged Access

Do Son October 29, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Dassault Systèmes DELMIA Apriso vulnerabilities to...

Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog

Do Son October 8, 2025

A cross-site scripting (XSS) vulnerability in Synacor Zimbra Collaboration Suite (ZCS) — tracked as CVE-2025-27915 — has...

CISA Adds Three D-Link Flaws to KEV Catalog: EOL IP Cameras Under Active Exploitation CISA KEV, D-Link Vulnerabilities

CISA KEV, D-Link Vulnerabilities

CISA Adds Three D-Link Flaws to KEV Catalog: EOL IP Cameras Under Active Exploitation

Do Son August 6, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning for organizations and government entities:...

Metasploit Module Released for Actively Exploited Microsoft SharePoint Flaw CVE-2025-53770 SharePoint RCE, Metasploit Exploit

SharePoint RCE, Metasploit Exploit

Metasploit Module Released for Actively Exploited Microsoft SharePoint Flaw CVE-2025-53770

Do Son July 23, 2025

A newly released Metasploit module highlights the critical threat posed by an actively exploited remote code execution...

CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog CISA KEV, Zero-Day Exploitation

CISA KEV, Zero-Day Exploitation

CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog

Do Son July 23, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available! CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available!

Do Son July 19, 2025

A critical SQL injection vulnerability in Fortinet FortiWeb, tracked as CVE-2025-25257, has been added to the CISA...

CitrixBleed 2: CVE-2025-5777 Joins CISA’s KEV Catalog Amid Active Exploitation Storm, PoC Available CitrixBleed 2, Session Hijacking

CitrixBleed 2, Session Hijacking

CitrixBleed 2: CVE-2025-5777 Joins CISA’s KEV Catalog Amid Active Exploitation Storm, PoC Available

Do Son July 11, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-5777 to its Known Exploited Vulnerabilities...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
Admin intel🗓 Updated: Jun 25, 2026
CVE-2026-12569
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary...
🗓 Added to KEV: Jun 25, 2026
CVE-2025-67038CVSS 9.8
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34910CVSS 10.0
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34909CVSS 10.0
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34908CVSS 10.0
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
Admin intel🗓 Updated: Jun 22, 2026
CVE-2026-20253CVSS 9.8
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create...
🗓 Added to KEV: Jun 18, 2026