CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    7.5

    CVSS31
    CVE-2025-5777 - Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability -

    Action Due Jul 11, 2025 Target Vendor : Citrix

    Description : Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420 ; https://nvd.nist.gov/vuln/detail/CVE-2025-5777

    Alert Date: Jul 10, 2025 | 4 days ago

    7.5

    CVSS31
    CVE-2019-9621 - Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due Jul 28, 2025 ( 13 days left ) Target Vendor : Synacor

    Description : Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability via the ProxyServlet component.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories ; https://wiki.zimbra.com/wiki/Security_Center ; https://nvd.nist.gov/vuln/detail/CVE-2019-9621

    Alert Date: Jul 07, 2025 | 7 days ago

    7.5

    CVSS31
    CVE-2019-5418 - Rails Ruby on Rails Path Traversal Vulnerability -

    Action Due Jul 28, 2025 ( 13 days left ) Target Vendor : Rails

    Description : Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://web.archive.org/web/20190313201629/https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2019-5418

    Alert Date: Jul 07, 2025 | 7 days ago

    9.8

    CVSS31
    CVE-2016-10033 - PHPMailer Command Injection Vulnerability -

    Action Due Jul 28, 2025 ( 13 days left ) Target Vendor : PHP

    Description : PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, this issue affects the 'mail()' function of 'class.phpmailer.php' script. An attacker can exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will result in a denial-of-service condition.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.18 ; https://github.com/advisories/GHSA-5f37-gxvh-23v6 ; https://nvd.nist.gov/vuln/detail/CVE-2016-10033

    Alert Date: Jul 07, 2025 | 7 days ago

    9.8

    CVSS31
    CVE-2014-3931 - Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability -

    Action Due Jul 28, 2025 ( 13 days left ) Target Vendor : Looking Glass

    Description : Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause an arbitrary memory write and memory corruption.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://mrlg.op-sec.us/ ; https://nvd.nist.gov/vuln/detail/CVE-2014-3931

    Alert Date: Jul 07, 2025 | 7 days ago

    8.1

    CVSS31
    CVE-2025-6554 - Google Chromium V8 Type Confusion Vulnerability -

    Action Due Jul 23, 2025 ( 8 days left ) Target Vendor : Google

    Description : Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html?m=1 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6554

    Alert Date: Jul 02, 2025 | 12 days ago

    4.0

    CVSS31
    CVE-2025-48928 - TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability -

    Action Due Jul 22, 2025 ( 7 days left ) Target Vendor : TeleMessage

    Description : TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : It is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-48928

    Alert Date: Jul 01, 2025 | 13 days ago

    5.3

    CVSS31
    CVE-2025-48927 - TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability -

    Action Due Jul 22, 2025 ( 7 days left ) Target Vendor : TeleMessage

    Description : TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : It is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-48927

    Alert Date: Jul 01, 2025 | 13 days ago

    9.8

    CVSS31
    CVE-2025-6543 - Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability -

    Action Due Jul 21, 2025 ( 6 days left ) Target Vendor : Citrix

    Description : Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 ; https://www.netscaler.com/blog/news/netscaler-critical-security-updates-for-cve-2025-6543-and-cve-2025-5777/ ; https://nvd.nist.gov/vuln/detail/CVE-2025-6543

    Alert Date: Jun 30, 2025 | 14 days ago

    6.5

    CVSS31
    CVE-2019-6693 - Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability -

    Action Due Jul 16, 2025 ( 1 days left ) Target Vendor : Fortinet

    Description : Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of the hard-coded key.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://fortiguard.com/advisory/FG-IR-19-007 ; https://nvd.nist.gov/vuln/detail/CVE-2019-6693

    Alert Date: Jun 25, 2025 | 19 days ago

    9.8

    CVSS31
    CVE-2024-0769 - D-Link DIR-859 Router Path Traversal Vulnerability -

    Action Due Jul 16, 2025 ( 1 days left ) Target Vendor : D-Link

    Description : D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml allows for the leakage of session data potentially enabling privilege escalation and unauthorized control of the device. This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10371 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0769

    Alert Date: Jun 25, 2025 | 19 days ago

    9.8

    CVSS31
    CVE-2024-54085 - AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability -

    Action Due Jul 16, 2025 ( 1 days left ) Target Vendor : AMI

    Description : AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf ; https://security.netapp.com/advisory/ntap-20250328-0003/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-54085

    Alert Date: Jun 25, 2025 | 19 days ago

    7.8

    CVSS31
    CVE-2023-0386 - Linux Kernel Improper Ownership Management Vulnerability -

    Action Due Jul 08, 2025 Target Vendor : Linux

    Description : Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a ; https://access.redhat.com/security/cve/cve-2023-0386 ; https://security.netapp.com/advisory/ntap-20230420-0004/ ; https://nvd.nist.gov/vuln/detail/CVE-2023-0386

    Alert Date: Jun 17, 2025 | 27 days ago

    8.8

    CVSS31
    CVE-2023-33538 - TP-Link Multiple Routers Command Injection Vulnerability -

    Action Due Jul 07, 2025 Target Vendor : TP-Link

    Description : TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://www.tp-link.com/nordic/support/faq/3562/ ; https://nvd.nist.gov/vuln/detail/CVE-2023-33538

    Alert Date: Jun 16, 2025 | 28 days ago

    4.8

    CVSS31
    CVE-2025-43200 - Apple Multiple Products Unspecified Vulnerability -

    Action Due Jul 07, 2025 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/122174 ; https://support.apple.com/en-us/122173 ; https://support.apple.com/en-us/122900 ; https://support.apple.com/en-us/122901 ; https://support.apple.com/en-us/122902 ; https://support.apple.com/en-us/122903 ; https://support.apple.com/en-us/122904 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43200

    Alert Date: Jun 16, 2025 | 28 days ago

    8.8

    CVSS31
    CVE-2025-33053 - Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability -

    Action Due Jul 01, 2025 Target Vendor : Web Distributed Authoring and Versioning

    Description : Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33053 ; https://nvd.nist.gov/vuln/detail/CVE-2025-33053

    Alert Date: Jun 10, 2025 | 34 days ago

    9.9

    CVSS31
    CVE-2025-24016 - Wazuh Server Deserialization of Untrusted Data Vulnerability -

    Action Due Jul 01, 2025 Target Vendor : Wazuh

    Description : Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh ; https://nvd.nist.gov/vuln/detail/CVE-2025-24016

    Alert Date: Jun 10, 2025 | 34 days ago

    9.3

    CVSS31
    CVE-2024-42009 - RoundCube Webmail Cross-Site Scripting Vulnerability -

    Action Due Jun 30, 2025 Target Vendor : Roundcube

    Description : RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-42009

    Alert Date: Jun 09, 2025 | 35 days ago

    10.0

    CVSS31
    CVE-2025-32433 - Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability -

    Action Due Jun 30, 2025 Target Vendor : Erlang

    Description : Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution (RCE). By exploiting a flaw in how SSH protocol messages are handled, a malicious actor could gain unauthorized access to affected systems. This vulnerability could affect various products that implement Erlang/OTP SSH server, including—but not limited to—Cisco, NetApp, and SUSE.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy ; https://nvd.nist.gov/vuln/detail/CVE-2025-32433

    Alert Date: Jun 09, 2025 | 35 days ago

    8.8

    CVSS31
    CVE-2025-5419 - Google Chromium V8 Out-of-Bounds Read and Write Vulnerability -

    Action Due Jun 26, 2025 Target Vendor : Google

    Description : Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2025-5419",

    Alert Date: Jun 05, 2025 | 39 days ago
Showing 20 of 1382 Results

Filters

© cvefeed.io
Latest DB Update: Jul. 14, 2025 10:02