CISAKevBot
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild: the Known Exploited Vulnerability (KEV) catalog. CISA strongly recommends all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.
Fediverse name: Text copied!
Fediverse URL: Text copied!
Feed URL: https://rud.is/cisa-kev.rssWebsite: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Refreshed at: 12/29/2025, 8:05:12 PM
Entries
- 2025-06-02: [CVE-2025-35939] Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
Posted at: 6/2/2025, 5:59:04 PM - 2025-06-02: [CVE-2024-56145] Craft CMS Code Injection Vulnerability
Posted at: 6/2/2025, 5:59:04 PM - 2025-06-02: [CVE-2023-39780] ASUS RT-AX55 Routers OS Command Injection Vulnerability
Posted at: 6/2/2025, 5:59:04 PM - 2025-05-22: [CVE-2025-4632] Samsung MagicINFO 9 Server Path Traversal Vulnerability
Posted at: 5/22/2025, 6:26:04 PM - 2025-05-19: [CVE-2023-38950] ZKTeco BioTime Path Traversal Vulnerability
Posted at: 5/19/2025, 7:56:09 PM - 2025-05-19: [CVE-2024-27443] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Posted at: 5/19/2025, 7:56:09 PM - 2025-05-19: [CVE-2025-27920] Srimax Output Messenger Directory Traversal Vulnerability
Posted at: 5/19/2025, 7:56:09 PM - 2025-05-19: [CVE-2024-11182] MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability
Posted at: 5/19/2025, 7:56:09 PM - 2025-05-19: [CVE-2025-4428] Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Posted at: 5/19/2025, 7:56:09 PM - 2025-05-19: [CVE-2025-4427] Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
Posted at: 5/19/2025, 7:56:09 PM