CISAKevBot
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild: the Known Exploited Vulnerability (KEV) catalog. CISA strongly recommends all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.
Fediverse name: Text copied!
Fediverse URL: Text copied!
Feed URL: https://rud.is/cisa-kev.rssWebsite: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Refreshed at: 12/30/2025, 7:21:14 AM
Entries
- 2025-03-03: [CVE-2024-4885] Progress WhatsUp Gold Path Traversal Vulnerability
Posted at: 3/3/2025, 3:58:02 PM - 2025-03-03: [CVE-2018-8639] Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Posted at: 3/3/2025, 3:58:02 PM - 2025-03-03: [CVE-2022-43769] Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
Posted at: 3/3/2025, 3:58:02 PM - 2025-03-03: [CVE-2022-43939] Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
Posted at: 3/3/2025, 3:58:02 PM - 2025-03-03: [CVE-2023-20118] Cisco Small Business RV Series Routers Command Injection Vulnerability
Posted at: 3/3/2025, 3:58:02 PM - 2025-02-25: [CVE-2023-34192] Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Posted at: 2/25/2025, 5:52:03 PM - 2025-02-25: [CVE-2024-49035] Microsoft Partner Center Improper Access Control Vulnerability
Posted at: 2/25/2025, 5:52:03 PM - 2025-02-24: [CVE-2024-20953] Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
Posted at: 2/24/2025, 6:52:09 PM - 2025-02-24: [CVE-2017-3066] Adobe ColdFusion Deserialization Vulnerability
Posted at: 2/24/2025, 6:52:09 PM - 2025-02-21: [CVE-2025-24989] Microsoft Power Pages Improper Access Control Vulnerability
Posted at: 2/21/2025, 6:17:09 PM