CISA Known Exploited Vulnerabilities
10 records
Records flagged in the CISA Known Exploited Vulnerabilities (KEV) catalog. KEV listing and dates are published by CISA.
Source data as of:
| # | CVE ID | CVSS | Severity | EPSS | KEV | Signals | Affected vendors | KEV added |
|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2026-34197 | 8.8 v3.1 | HIGH | 0.0622 | Yes | CISA KEVEPSS highNetworkNo user interactionImproper Input ValidationCode InjectionVendor advisory ref | apache | 2026-04-16 |
| 2 | CVE-2026-21643 | 9.8 v3.1 | CRITICAL | 0.3391 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionSQL Injection | fortinet | 2026-04-13 |
| 3 | CVE-2025-54236 | 9.1 v3.1 | CRITICAL | 0.7010 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionImproper Input ValidationVendor advisory ref | adobe | 2025-10-24 |
| 4 | CVE-2025-27363 | 8.1 v3.1 | HIGH | 0.6344 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | freetype, debian | 2025-05-06 |
| 5 | CVE-2004-1464 | 5.9 v3.1 | MEDIUM | 0.0170 | Yes | CISA KEVNetworkNo privilegesNo user interactionResource Exhaustion (DoS)Vendor advisory ref | cisco | 2023-05-19 |
| 6 | CVE-2006-2492 | 8.8 v3.1 | HIGH | 0.7783 | Yes | CISA KEVEPSS highNetworkNo privilegesBuffer OverflowVendor advisory ref | microsoft | 2022-06-08 |
| 7 | CVE-2005-2773 | 9.8 v3.1 | CRITICAL | 0.9030 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionCommand InjectionVendor advisory ref | hp | 2022-03-25 |
| 8 | CVE-2004-0210 | 7.8 v3.1 | HIGH | 0.0512 | Yes | CISA KEVNo user interactionBuffer OverflowVendor advisory ref | microsoft | 2022-03-03 |
| 9 | CVE-2002-0367 | 7.8 v3.1 | HIGH | 0.0123 | Yes | CISA KEVNo user interactionPrivilege ManagementVendor advisory ref | microsoft | 2022-03-03 |
| 10 | CVE-2006-1547 | 7.5 v3.1 | HIGH | 0.1537 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionVendor advisory ref | apache | 2022-01-21 |