CISA Known Exploited Vulnerabilities (KEV)
To support the cybersecurity community and help network defenders stay ahead of active threat activity, CISA publishes, updates and maintains the authoritative catalog of known exploited vulnerabilities. This KEV database highlights vulnerabilities that have been actively used in real-world attacks, making it an essential resource for security teams aiming to strengthen their defenses.
Organizations should incorporate the KEV catalog into their vulnerability management prioritization framework to ensure they address high-risk issues efficiently and stay aligned with the latest threat intelligence. With frequent updates, including entries added to the CISA KEV catalog today, the catalog enables teams to react quickly to emerging exploitation trends. To streamline monitoring and improve response time, CVEfeed.io provides the freshest CISA KEV additions, delivering real-time visibility into newly identified exploited vulnerabilities and helping organizations maintain accurate, up-to-date security postures.
7.8
CVE-2019-1129 - Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability -
Action Due Apr 05, 2022 Target Vendor : Microsoft
Description : A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1129
9.6
CVE-2022-26486 - Mozilla Firefox Use-After-Free Vulnerability -
Action Due Mar 21, 2022 Target Vendor : Mozilla
Description : Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26486
8.8
CVE-2022-26485 - Mozilla Firefox Use-After-Free Vulnerability -
Action Due Mar 21, 2022 Target Vendor : Mozilla
Description : Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-26485
5.3
CVE-2021-21973 - VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability -
Action Due Mar 21, 2022 Target Vendor : VMware
Description : VMware vCenter Server and Cloud Foundation Server contain an SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-21973
7.2
CVE-2020-8218 - Pulse Connect Secure Code Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Pulse Secure
Description : A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to craft a URI to perform arbitrary code execution via the admin web interface.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-8218
9.8
CVE-2019-11581 - Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Atlassian
Description : Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-11581
10.0
CVE-2017-6077 - NETGEAR DGN2200 Remote Code Execution Vulnerability -
Action Due Sep 07, 2022 Target Vendor : NETGEAR
Description : NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6077
9.3
CVE-2016-6277 - NETGEAR Multiple Routers Remote Code Execution Vulnerability -
Action Due Sep 07, 2022 Target Vendor : NETGEAR
Description : NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-6277
7.5
CVE-2013-0631 - Adobe ColdFusion Information Disclosure Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe ColdFusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0631
7.5
CVE-2013-0629 - Adobe ColdFusion Directory Traversal Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe ColdFusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0629
6.5
CVE-2009-3960 - Adobe BlazeDS Information Disclosure Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe BlazeDS, which is utilized in LifeCycle and ColdFusion, contains a vulnerability that allows for information disclosure.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2009-3960
9.8
CVE-2013-0625 - Adobe ColdFusion Authentication Bypass Vulnerability -
Action Due Sep 07, 2022 Target Vendor : Adobe
Description : Adobe ColdFusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0625
7.2
CVE-2016-5195 - Linux Kernel Race Condition Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Linux
Description : Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-5195
10.0
CVE-2022-20701 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code, elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20701
10.0
CVE-2022-20700 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code, elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20700
10.0
CVE-2022-20699 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code, elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20699
7.8
CVE-2021-41379 - Microsoft Windows Installer Privilege Escalation Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Microsoft
Description : Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-41379
9.8
CVE-2020-1938 - Apache Tomcat Improper Privilege Management Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Apache
Description : Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-1938
5.4
CVE-2020-11899 - Treck TCP/IP stack Out-of-Bounds Read Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Treck TCP/IP stack
Description : The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-11899
9.8
CVE-2019-16928 - Exim Out-of-bounds Write Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Exim
Description : Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-16928