CISAKevBot
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild: the Known Exploited Vulnerability (KEV) catalog. CISA strongly recommends all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.
Fediverse name: Text copied!
Fediverse URL: Text copied!
Feed URL: https://rud.is/cisa-kev.rssWebsite: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Refreshed at: 6/3/2026, 2:32:10 AM
Entries
- 2026-02-10: [CVE-2026-21533] Microsoft Windows Improper Privilege Management Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-10: [CVE-2026-21519] Microsoft Windows Type Confusion Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-10: [CVE-2026-21514] Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-05: [CVE-2025-11953] React Native Community CLI OS Command Injection Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-05: [CVE-2026-24423] SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-03: [CVE-2021-39935] GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-03: [CVE-2025-64328] Sangoma FreePBX OS Command Injection Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-03: [CVE-2019-19006] Sangoma FreePBX Improper Authentication Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-02-03: [CVE-2025-40551] SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2026-01-29: [CVE-2026-1281] Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Posted at: 3/4/2026, 1:41:49 AM