Known Exploited Vulnerabilities

Start with what matters now.

Track the current KEV landscape, jump into the newest year, and read analysis that explains why certain vendors and products keep getting hit.

Browse 2026 CVEs Read analysis
1587 tracked CVEs
24 years indexed
5 analysis articles
Featured analysis 📰 Defense Guide

Hardening the Linux Kernel: Defense in Depth Against Privilege Escalation

Copy Fail demonstrated that Linux kernel privilege escalation flaws can sit undetected for nearly a decade. The Kernel Self Protection Project provides a systematic hardening baseline that raises the cost of exploitation across entire vulnerability classes — not just individual CVEs.

2026-05-01 · 6 CVEs
Current year

Latest from 2026

View all 46 entries

CVE-2026-20131

Cisco Secure Firewall Management Center (FMC) — Unauthenticated Remote Code Execution via Java Deserialization

CVSS 10

CVE-2026-20127

Cisco Catalyst SD-WAN — CVSS 10.0 Peering Authentication Bypass Enabling Fabric-Wide NETCONF Access, Exploited by UAT-8616 Since 2023

CVSS 10

CVE-2026-22769

Dell RecoverPoint for Virtual Machines (RP4VMs) — Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

CVSS 10

CVE-2026-41940

WebPros cPanel & WHM — Pre-Auth CRLF Injection Grants Unauthenticated Root WHM Access

CVSS 9.8

CVE-2026-39987

Marimo — Pre-Auth RCE via Unauthenticated Terminal WebSocket

CVSS 9.8

CVE-2026-21643

Fortinet FortiClient EMS — Pre-Auth SQL Injection via Site HTTP Header

CVSS 9.8
Archive

Browse by year

2026 46 CVEs 2025 180 CVEs 2024 163 CVEs 2023 163 CVEs 2022 130 CVEs 2021 213 CVEs 2020 146 CVEs 2019 118 CVEs 2018 89 CVEs 2017 86 CVEs 2016 59 CVEs 2015 44 CVEs 2014 34 CVEs 2013 38 CVEs 2012 22 CVEs 2011 9 CVEs 2010 21 CVEs 2009 13 CVEs 2008 4 CVEs 2007 3 CVEs 2006 2 CVEs 2005 1 CVEs 2004 2 CVEs 2002 1 CVEs
Analysis

More reporting and context

See all articles
📰 Education

Landmark CVEs: Seventeen Vulnerabilities That Defined a Decade of Security

From Shellshock to MOVEit, seventeen named vulnerabilities tell the same story over and over: a forgotten service, a trusted dependency, a perimeter device, or a broken authentication assumption becomes the way in. This is a guide for anyone new to cybersecurity who wants to understand what real attacks look like and why they keep succeeding.

2026-05-01 · 17 CVEs

 📰 Threat Cluster

Zimbra's Persistent XSS Problem: Nation-State Actors and the Classic UI (2022–2026)

Seven Zimbra XSS CVEs across four years — all hitting the same Classic UI HTML sanitizer — exploited by Greek, Belarusian, Russian, Vietnamese, and Pakistani nation-state actors for email intelligence collection. Why the vulnerability keeps recurring, and what the exploitation pattern reveals about webmail as intelligence infrastructure.

2026-04-22 · 9 CVEs

 📰 Threat Cluster

Why Ivanti EPMM and EPM Became a Persistent Exploitation Target (2023–2026)

Fifteen Ivanti CVEs across EPMM, EPM, EPM CSA, and Sentry — plus sustained parallel exploitation in Fortinet FortiClient EMS and LANSCOPE endpoint management platforms — show a management-plane attack pattern spanning six years.

2026-04-08 · 19 CVEs

 📰 Threat Cluster

The WAN Control Plane as a Target: Cisco SD-WAN and the UAT-8616 Campaign (2023–2026)

Five CVEs across two exploitation waves — a CVSS 10.0 zero-day active since 2023, a re-weaponised four-year-old privilege escalation, and a three-CVE zero-credential-to-admin chain added with a three-day CISA deadline — document an adversary with protocol-level knowledge of Cisco SD-WAN systematically compromising enterprise WAN management planes.

2026-04-22 · 5 CVEs
Gavin Hollinger & AI assembled this air-gap friendly HTML