Known Exploited Vulnerabilities Database
A live mirror of the CISA Known Exploited Vulnerabilities (KEV) catalog — CVEs confirmed to be actively exploited in the wild, enriched nightly with CVSS scoring and AI-generated plain-English breakdowns.
1,635
Tracked CVEs
329
Linked to ransomware
4
Added in last 7 days
Today's Top Exploited Vulnerabilities
AI-generated breakdowns of the most recently catalogued, actively exploited vulnerabilities.
Oracle PeopleSoft Enterprise PeopleTools
Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
This critical vulnerability, CVE-2026-35273, affects Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. It's a flaw where important system functions lack proper security checks. An attacker can exploit this over the internet without needing a username or password, leading to a complete takeover of your PeopleSoft system.
CVSS 9.8
Check Point Security Gateway
Check Point Security Gateway Improper Authentication Vulnerability
This vulnerability affects Check Point Security Gateway products, allowing an attacker to connect to your network through the VPN without knowing the correct password. It exploits a weakness in an older, less secure part of the system called IKEv1. This means an unauthorized person can gain remote access to your network.
CVSS 9.3
TanStack TanStack
TanStack Unspecified Vulnerability
CVE-2026-45321 is an unspecified vulnerability in TanStack that allowed attackers to publish malicious versions of its packages to the npm registry. These malicious versions, disguised as trusted updates, contained credential-stealing malware. The attackers achieved this by exploiting a series of GitHub Actions misconfigurations to gain unauthorized publishing capabilities.
CVSS 9.6
Latest Catalogued Vulnerabilities
Most recently added entries in the CISA KEV catalog, ordered by date added.
| CVE ID | Vendor / Product | |
|---|---|---|
| CVE-2026-56290 | Joomlack Page Builder Joomlack Page Builder Improper Access Control Vulnerability | Details |
| CVE-2026-55255 | Langflow Langflow Langflow Authorization Bypass Through User-Controlled Key Vulnerability | Details |
| CVE-2026-48908 | JoomShaper SP Page Builder JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability | Details |
| CVE-2026-48282 | Adobe ColdFusion Adobe ColdFusion Path Traversal Vulnerability | Details |
| CVE-2026-45659 | Microsoft SharePoint Server Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability | Details |
| CVE-2026-48558 | SimpleHelp SimpleHelp SimpleHelp Authentication Bypass Vulnerability | Details |
| CVE-2026-20230 | Cisco Unified Communications Manager Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability | Details |
| CVE-2026-12569 | PTC Windchill and FlexPLM PTC Windchill and FlexPLM Improper Input Validation Vulnerability | Details |
| CVE-2026-34910 | Ubiquiti UniFi OS Ubiquiti UniFi OS Improper Input Validation Vulnerability | Details |
| CVE-2026-34909 | Ubiquiti UniFi OS Ubiquiti UniFi OS Path Traversal Vulnerability | Details |
| CVE-2026-34908 | Ubiquiti UniFi OS Ubiquiti UniFi OS Improper Access Control Vulnerability | Details |
| CVE-2025-67038 | Lantronix EDS5000 Lantronix EDS5000 Code Injection Vulnerability | Details |
| CVE-2026-20253 | Splunk Enterprise Splunk Enterprise Missing Authentication for Critical Function Vulnerability | Details |
| CVE-2026-48907 | Widget Factory Joomla Content Editor Widget Factory Joomla Content Editor Improper Access Control Vulnerability | Details |
| CVE-2026-54420 | LiteSpeed cPanel Plugin LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability | Details |
| CVE-2026-20262 | Cisco Catalyst SD-WAN Manager Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability | Details |
| CVE-2026-35273 Ransomware | Oracle PeopleSoft Enterprise PeopleTools Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability | Details |
| CVE-2026-10520 | Ivanti Sentry Ivanti Sentry OS Command Injection Vulnerability | Details |
| CVE-2026-7473 | Arista Extensible Operating System Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability | Details |
| CVE-2026-20245 | Cisco Catalyst SD-WAN Manager Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability | Details |
| CVE-2026-11645 | Google Chromium V8 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability | Details |
| CVE-2026-50751 Ransomware | Check Point Security Gateway Check Point Security Gateway Improper Authentication Vulnerability | Details |
| CVE-2026-42271 | BerriAI LiteLLM BerriAI LiteLLM Command Injection Vulnerability | Details |
| CVE-2026-28318 | SolarWinds Serv-U SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability | Details |
| CVE-2026-45247 | Mirasvit Mirasvit Full Page Cache Warmer Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability | Details |
| CVE-2025-48595 | Android Framework Android Framework Integer Overflow Vulnerability | Details |
| CVE-2022-0492 | Linux Kernel Linux Kernel Improper Authentication Vulnerability | Details |
| CVE-2024-21182 | Oracle WebLogic Server Oracle WebLogic Server Unspecified Vulnerability | Details |
| CVE-2026-0257 | Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS Authentication Bypass Vulnerability | Details |
| CVE-2026-8398 | Daemon Daemon Tools Lite Daemon Tools Lite Embedded Malicious Code Vulnerability | Details |
| CVE-2026-48027 Ransomware | Nx Nx Console Nx Console Embedded Malicious Code Vulnerability | Details |
| CVE-2026-45321 Ransomware | TanStack TanStack TanStack Unspecified Vulnerability | Details |
| CVE-2026-48172 | LiteSpeed cPanel Plugin LiteSpeed cPanel Plugin Privilege Escalation Vulnerability | Details |
| CVE-2026-9082 | Drupal Core Drupal Core SQL Injection Vulnerability | Details |
| CVE-2026-34926 | Trend Micro Apex One Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability | Details |
| CVE-2025-34291 | Langflow Langflow Langflow Origin Validation Error Vulnerability | Details |
| CVE-2026-45498 | Microsoft Defender Microsoft Defender Denial of Service Vulnerability | Details |
| CVE-2026-41091 | Microsoft Defender Microsoft Defender Link Following Vulnerability | Details |
| CVE-2010-0806 | Microsoft Internet Explorer Microsoft Internet Explorer Use-After-Free Vulnerability | Details |
| CVE-2010-0249 | Microsoft Internet Explorer Microsoft Internet Explorer Use-After-Free Vulnerability | Details |
| CVE-2009-3459 | Adobe Acrobat and Reader Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability | Details |
| CVE-2009-1537 | Microsoft DirectX Microsoft DirectX NULL Byte Overwrite Vulnerability | Details |
| CVE-2008-4250 | Microsoft Windows Microsoft Windows Buffer Overflow Vulnerability | Details |
| CVE-2026-42897 | Microsoft Microsoft Microsoft Exchange Server Cross-Site Scripting Vulnerability | Details |
| CVE-2026-20182 | Cisco Catalyst SD-WAN Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability | Details |
| CVE-2026-42208 | BerriAI LiteLLM BerriAI LiteLLM SQL Injection Vulnerability | Details |
| CVE-2026-6973 | Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability | Details |
| CVE-2026-0300 | Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability | Details |
| CVE-2026-31431 | Linux Kernel Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability | Details |
| CVE-2026-41940 Ransomware | WebPros cPanel & WHM and WP2 (WordPress Squared) WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability | Details |
| CVE-2026-32202 | Microsoft Windows Microsoft Windows Protection Mechanism Failure Vulnerability | Details |
| CVE-2024-1708 Ransomware | ConnectWise ScreenConnect ConnectWise ScreenConnect Path Traversal Vulnerability | Details |
| CVE-2025-29635 | D-Link DIR-823X D-Link DIR-823X Command Injection Vulnerability | Details |
| CVE-2024-7399 | Samsung MagicINFO 9 Server Samsung MagicINFO 9 Server Path Traversal Vulnerability | Details |
| CVE-2024-57728 Ransomware | SimpleHelp SimpleHelp SimpleHelp Path Traversal Vulnerability | Details |
| CVE-2024-57726 Ransomware | SimpleHelp SimpleHelp SimpleHelp Missing Authorization Vulnerability | Details |
| CVE-2026-39987 | Marimo Marimo Marimo Remote Code Execution Vulnerability | Details |
| CVE-2026-33825 Ransomware | Microsoft Defender Microsoft Defender Insufficient Granularity of Access Control Vulnerability | Details |
| CVE-2026-20133 | Cisco Catalyst SD-WAN Manager Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability | Details |
| CVE-2026-20128 | Cisco Catalyst SD-WAN Manager Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability | Details |
Sources & Methodology
This catalog mirrors the official CISA Known Exploited Vulnerabilities catalog via a nightly sync. Newly added entries are enriched with CVSS scoring from the NIST National Vulnerability Database and given an AI-generated summary, impact assessment, and recommended action. AI breakdowns are generated from the underlying CISA and NVD data and should be treated as a starting point, not a substitute for your own risk assessment.
Know Which Vulnerabilities Actually Matter
A VAPT assessment tells you which of these actively exploited vulnerabilities exist in your own environment. CRS delivers continuous, compliance-grade penetration testing across Africa and North America.