CISA Known Exploited Vulnerabilities
6 records
Records flagged in the CISA Known Exploited Vulnerabilities (KEV) catalog. KEV listing and dates are published by CISA.
Source data as of:
| # | CVE ID | CVSS | Severity | EPSS | KEV | Signals | Affected vendors | KEV added |
|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2023-38950 | 7.5 v3.1 | HIGH | 0.8488 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionPath Traversal | zkteco | 2025-05-19 |
| 2 | CVE-2022-26258 | 9.8 v3.1 | CRITICAL | 0.8110 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionOS Command Injection | dlink | 2022-09-08 |
| 3 | CVE-2021-42237 | 9.8 v3.1 | CRITICAL | 0.9790 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionInsecure Deserialization | sitecore | 2022-03-25 |
| 4 | CVE-2021-25298 | 8.8 v3.1 | HIGH | 0.7520 | Yes | CISA KEVEPSS highNetworkNo user interactionOS Command Injection | nagios | 2022-01-18 |
| 5 | CVE-2021-25297 | 8.8 v3.1 | HIGH | 0.5874 | Yes | CISA KEVEPSS highNetworkNo user interactionOS Command Injection | nagios | 2022-01-18 |
| 6 | CVE-2021-25296 | 8.8 v3.1 | HIGH | 0.7154 | Yes | CISA KEVEPSS highNetworkNo user interaction | nagios | 2022-01-18 |