CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6734 matches found

CISA•added 2026/03/18 12:0 p.m.•4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-66376link is external Synacor Zimbra Collaboration Suite ZCS Cross-Site Scripting Vulnerability This type of vulnerability is a frequent attack vector for...

7.2CVSS5.8AI score0.12009EPSS

In wildExploits0References6

CISA•added 2026/03/18 12:0 p.m.•162 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20963link is external Microsoft SharePoint Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector for malicio...

9.8CVSS5.8AI score0.31109EPSS

In wildExploits0References6

Circl•added 2026/03/17 12:0 a.m.•2 views

CVE-2020-10546

creationtimestamp| type| source ---|---|--- 2026-03-17 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2026-03-17...

9.8CVSS5.7AI score0.8733EPSS

In wildExploits1

CISA•added 2026/03/16 12:0 p.m.•7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-47813link is external Wing FTP Server Information Disclosure Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors...

4.3CVSS5.8AI score0.56366EPSS

In wildExploits3References6

NVD•added 2026/03/13 7:54 p.m.•3 views

CVE-2026-32379

Missing Authorization vulnerability in raratheme Rara Academic rara-academic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Academic: from n/a through = 1.2.2...

5.3CVSS0.00214EPSS

Exploits0References1

CISA•added 2026/03/13 12:0 p.m.•8 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-3909link is external Google Skia Out-of-Bounds Write Vulnerability CVE-2026-3910link is external Google Chromium V8 Unspecified Vulnerability These types o...

8.8CVSS5.8AI score0.02082EPSS

In wildExploits1References7

Information Security Automation•added 2026/03/12 3:14 p.m.•10 views

About Elevation of Privilege - Desktop Window Manager (CVE-2026-21519) vulnerability

About Elevation of Privilege - Desktop Window Manager CVE-2026-21519 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Desktop Window Manager is a compositing window manager included in Windows starting with Windows Vista. A Type Confusion error CWE-843 in Desktop...

7.8CVSS6AI score0.0242EPSS

Exploits0

Circl•added 2026/03/11 2:14 p.m.•2 views

GCVE-1-2026-0020

creationtimestamp| type| source ---|---|--- 2026-03-11 14:14:51+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/523ca818-9868-4f11-832b-baf2fbd9d76c...

5.8AI score

Exploits0References1

CISA•added 2026/03/11 12:0 p.m.•15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-68613link is external n8n Improper Control of Dynamically-Managed Code Resources Vulnerability This type of vulnerability is a frequent attack vector for...

9.9CVSS5.8AI score0.98011EPSS

In wildExploits27References6

CISA•added 2026/03/09 12:0 p.m.•11 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2021-22054link is external Omnissa Workspace ONE Server-Side Request Forgery CVE-2025-26399link is external SolarWinds Web Help Desk Deserialization of...

9.8CVSS5.8AI score0.97713EPSS

In wildExploits2References8

The Hacker News•added 2026/03/06 6:30 a.m.•6 views

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed bel...

10CVSS6AI score0.99998EPSS

Exploits12

Talos Blog•added 2026/03/05 7:0 p.m.•8 views

Patch, track, repeat: The 2025 CVE retrospective

Welcome to this week's edition of the Threat Source newsletter. It's time to look back at a year that pushed the vulnerability landscape to new heights. I'll admit this retrospective is arriving a bit later than planned. With 48,196 CVEs in 2025 a stunning 132 vulnerabilities per day, the analysi...

7.8CVSS6AI score0.01068EPSS

Exploits3

The Hacker News•added 2026/03/04 4:35 a.m.•7 views

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities KEV catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719...

8.1CVSS8AI score0.17424EPSS

Exploits0

CISA•added 2026/03/03 12:0 p.m.•17 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-21385link is external Qualcomm Multiple Chipsets Memory Corruption Vulnerability CVE-2026-22719link is external Broadcom VMware Aria Operations Command...

8.1CVSS7.3AI score0.17424EPSS

In wildExploits3References7

Information Security Automation•added 2026/03/02 10:4 p.m.•8 views

About Remote Code Execution – Microsoft Word (CVE-2026-21514) vulnerability

About Remote Code Execution - Microsoft Word CVE-2026-21514 vulnerability. This vulnerability is from February Microsoft Patch Tuesday. Reliance on Untrusted Inputs in a Security Decision CWE-807 in Microsoft Office Word allows an unauthenticated attacker to bypass OLE security features when...

7.8CVSS6.2AI score0.01517EPSS

Exploits0

Rapid7 Blog•added 2026/02/25 10:3 p.m.•13 views

Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127)

Overview On February 25, 2026, Cisco disclosed a critical authentication bypass vulnerability in Cisco Catalyst SD‑WAN Controller and Cisco Catalyst SD‑WAN Manager, tracked as CVE‑2026‑20127, that allows an unauthenticated attacker to gain administrative access to affected systems. The Cisco...

10CVSS7.4AI score0.48158EPSS

Exploits9

GithubExploit•added 2026/02/25 2:28 p.m.•148 views

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

watchpost Local threat intelligence database. Aggregates data...

9.8CVSS5.8AI score0.80835EPSS

Exploits10

CISA•added 2026/02/25 12:0 p.m.•7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2022-20775link is external Cisco Catalyst SD-WAN Path Traversal Vulnerability CVE-2026-20127link is external Cisco Catalyst SD-WAN Controller and Manager...

10CVSS5.6AI score0.48158EPSS

In wildExploits10References7

CISA•added 2026/02/24 12:0 p.m.•7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-25108link is external Soliton Systems K.K. FileZen OS Command Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...

8.8CVSS5.6AI score0.04974EPSS

In wildExploits0References6

The Hacker News•added 2026/02/21 7:21 a.m.•11 views

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-49113 CVSS...

9.9CVSS9.4AI score0.89163EPSS

Exploits30

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by