CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV

To support the cybersecurity community and help network defenders stay ahead of active threat activity, CISA publishes cisa alert today updates and maintains the authoritative catalog of known exploited vulnerabilities. This KEV database highlights vulnerabilities that have been actively used in real-world attacks, making it an essential resource for security teams aiming to strengthen their defenses.

Organizations should incorporate the KEV catalog into their vulnerability management prioritization framework to ensure they address high-risk issues efficiently and stay aligned with the latest threat intelligence. With frequent updates — including entries marked as cisa kev added today — the catalog enables teams to react quickly to emerging exploitation trends. To streamline monitoring and improve response time, CVEfeed.io provides the freshest CISA KEV additions, delivering real-time visibility into newly identified exploited vulnerabilities and helping organizations maintain accurate, up-to-date security postures.

    10.0

    HIGH
    CVE-2020-5847 - Unraid Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Unraid

    Description : Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-5847

    Alert Date: Nov 03, 2021 | 1546 days ago

    9.8

    CRITICAL
    CVE-2019-5544 - VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-5544

    Alert Date: Nov 03, 2021 | 1546 days ago

    7.5

    HIGH
    CVE-2019-8394 - Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description : Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-8394

    Alert Date: Nov 03, 2021 | 1546 days ago
Showing 20 of 1503 Results

Filters