CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
7.8
CVE-2022-34713 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Action Due: Aug 30, 2022
Target Vendor: Microsoft
Description: A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713; https://nvd.nist.gov/vuln/detail/CVE-2022-34713
7.5
CVE-2022-30333 - RARLAB UnRAR Directory Traversal Vulnerability
Action Due: Aug 30, 2022
Target Vendor: RARLAB
Description: RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Known (Detected Feb 26, 2026)
Notes: Vulnerability updated with version 6.12. Accessing link will download update information: https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz; https://nvd.nist.gov/vuln/detail/CVE-2022-30333
7.5
CVE-2022-27924 - Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability
Action Due: Aug 25, 2022
Target Vendor: Synacor
Description: Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Known (Detected Feb 26, 2026)
Notes: https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24.1#Security_Fixes; https://nvd.nist.gov/vuln/detail/CVE-2022-27924
9.8
CVE-2022-26138 - Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability
Action Due: Aug 19, 2022
Target Vendor: Atlassian
Description: Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html; https://nvd.nist.gov/vuln/detail/CVE-2022-26138
7.8
CVE-2022-22047 - Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability
Action Due: Aug 02, 2022
Target Vendor: Microsoft
Description: Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047; https://nvd.nist.gov/vuln/detail/CVE-2022-22047
8.1
CVE-2022-26925 - Microsoft Windows LSA Spoofing Vulnerability
Action Due: Jul 22, 2022
Target Vendor: Microsoft
Description: Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Action: Apply remediation actions outlined in CISA guidance [https://www.cisa.gov/guidance-applying-june-microsoft-patch].
Known To Be Used in Ransomware Campaigns? Unknown
Notes: WARNING: This update is required on all Microsoft Windows endpoints but if deployed to domain controllers without additional configuration changes the update breaks PIV/CAC authentication. Read CISA implementation guidance carefully before deploying to domain controllers. https://nvd.nist.gov/vuln/detail/CVE-2022-26925
9.3
CVE-2019-8605 - Apple Multiple Products Use-After-Free Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Apple
Description: A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-8605
9.3
CVE-2020-9907 - Apple Multiple Products Memory Corruption Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Apple
Description: Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-9907
7.8
CVE-2021-4034 - Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Red Hat
Description: The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-4034
9.3
CVE-2021-30983 - Apple iOS and iPadOS Buffer Overflow Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Apple
Description: Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-30983
9.3
CVE-2018-4344 - Apple Multiple Products Memory Corruption Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Apple
Description: Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-4344
10.0
CVE-2022-29499 - Mitel MiVoice Connect Data Validation Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Mitel
Description: The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Known (Detected Jun 27, 2022)
Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-29499
6.5
CVE-2021-30533 - Google Chromium PopupBlocker Security Bypass Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Google
Description: Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-30533
9.3
CVE-2020-3837 - Apple Multiple Products Memory Corruption Vulnerability
Action Due: Jul 18, 2022
Target Vendor: Apple
Description: Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-3837
9.3
CVE-2022-30190 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Action Due: Jul 05, 2022
Target Vendor: Microsoft
Description: A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Known (Detected Feb 26, 2026)
Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-30190
5.3
CVE-2016-2388 - SAP NetWeaver Information Disclosure Vulnerability
Action Due: Jun 30, 2022
Target Vendor: SAP
Description: The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-2388
9.8
CVE-2016-2386 - SAP NetWeaver SQL Injection Vulnerability
Action Due: Jun 30, 2022
Target Vendor: SAP
Description: SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-2386
9.9
CVE-2021-38163 - SAP NetWeaver Unrestricted File Upload Vulnerability
Action Due: Jun 30, 2022
Target Vendor: SAP
Description: SAP NetWeaver contains a vulnerability that allows unrestricted file upload.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-38163
8.8
CVE-2017-5070 - Google Chromium V8 Type Confusion Vulnerability
Action Due: Jun 22, 2022
Target Vendor: Google
Description: Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-5070
9.8
CVE-2017-6862 - NETGEAR Multiple Devices Buffer Overflow Vulnerability
Action Due: Jun 22, 2022
Target Vendor: NETGEAR
Description: Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.
Action: Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-6862