KEV

Known Exploited Vulnerabilities Catalog

External catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8 (Shadowserver)

KEV Entries
1231
Vulnerability ID Status Exploited Status Updated Evidence Characteristics Actions
CVE-2023-27992
Zyxel - NAS326 firmware , Zyxel - NAS540 firmware +1 more
Confirmed
Asserted: 2025-01-07
Yes 2025-01-23
First seen: 2025-01-07
1 source
honeypot
Severity: 98.0
Details
CVE-2020-25213 Confirmed
Asserted: 2023-10-18
Yes 2025-01-21
First seen: 2023-10-18
1 source
honeypot
Severity: 98.0
Details
CVE-2022-25237 Confirmed
Asserted: 2024-05-15
Yes 2025-01-21
First seen: 2024-05-15
1 source
honeypot
Severity: 98.0
Details
CVE-2022-36804
Atlassian - Bitbucket Server , Atlassian - Bitbucket Data Center
Confirmed
Asserted: 2023-10-18
Yes 2025-01-21
First seen: 2023-10-18
1 source
honeypot
Severity: 88.0
Details
CVE-2019-10068 Confirmed
Asserted: 2023-11-29
Yes 2025-01-21
First seen: 2023-11-29
1 source
honeypot
Severity: 98.0
Details
CVE-2020-2507
QNAP Systems Inc. - Helpdesk
Confirmed
Asserted: 2024-02-29
Yes 2025-01-18
First seen: 2024-02-29
1 source
honeypot
Severity: 98.0
Details
CVE-2024-21683
Atlassian - Confluence Data Center , atlassian - confluence_data_center
Confirmed
Asserted: 2024-05-29
Yes 2025-01-16
First seen: 2024-05-29
1 source
honeypot
Severity: 83.0
Details
CVE-2024-32113
Apache Software Foundation - Apache OFBiz , apache - ofbiz
Confirmed
Asserted: 2024-06-14
Yes 2025-01-14
First seen: 2024-06-14
1 source
honeypot
Severity: 0.0
Details
CVE-2022-31793 Confirmed
Asserted: 2023-10-14
Yes 2025-01-14
First seen: 2023-10-14
1 source
honeypot
Severity: 75.0
Details
CVE-2023-0297
pyload - pyload/pyload
Confirmed
Asserted: 2023-11-12
Yes 2025-01-14
First seen: 2023-11-12
1 source
honeypot
Severity: 98.0
Details
displaying 1111 - 1120 KEV entries in total 1231
About this Catalog

Vulnerabilities actively exploited in the wild as observed by The Shadowserver Foundation's global honeypot network (honeypot/exploited-vulnerabilities API), ranked by number of unique IPs per day and enriched with CVSS scores and CISA KEV status.

This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.

Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.