KEV

Known Exploited Vulnerabilities Catalog

External catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8 (Shadowserver)

KEV Entries
1231
Vulnerability ID Status Exploited Status Updated Evidence Characteristics Actions
CVE-2025-49493
Akamai - CloudTest
Confirmed
Asserted: 2025-07-31
Yes 2026-06-20
First seen: 2025-07-31
1 source
honeypot
Severity: 58.0
Details
CVE-2026-1340
Ivanti - Endpoint Manager Mobile
Confirmed
Asserted: 2026-04-26
Yes 2026-06-19
First seen: 2026-04-26
1 source
honeypot
Severity: 98.0
Details
CVE-2026-21902
Juniper Networks - Junos OS Evolved
Confirmed
Asserted: 2026-03-14
Yes 2026-06-19
First seen: 2026-03-14
1 source
honeypot
Severity: 93.0
Details
CVE-2024-50623
cleo - harmomy , cleo - vltrader +1 more
Confirmed
Asserted: 2025-05-25
Yes 2026-06-18
First seen: 2025-05-25
1 source
honeypot
Severity: 88.0
Details
CVE-2025-30220
geoserver - geoserver
Confirmed
Asserted: 2025-07-22
Yes 2026-06-18
First seen: 2025-07-22
1 source
honeypot
Severity: 98.0
Details
CVE-2025-54309
CrushFTP - CrushFTP
Confirmed
Asserted: 2025-10-10
Yes 2026-06-15
First seen: 2025-10-10
1 source
honeypot
Severity: 98.0
Details
CVE-2014-1677 Confirmed
Asserted: 2025-07-02
Yes 2026-06-15
First seen: 2025-07-02
1 source
honeypot
Severity: 75.0
Details
CVE-2025-53770
Microsoft - Microsoft SharePoint Enterprise Server 2016 , Microsoft - Microsoft SharePoint Server 2019 +1 more
Confirmed
Asserted: 2025-07-22
Yes 2026-06-13
First seen: 2025-07-22
1 source
honeypot
Severity: 98.0
Details
CVE-2025-29927
vercel - next.js
Confirmed
Asserted: 2025-04-24
Yes 2026-06-11
First seen: 2025-04-24
1 source
honeypot
Severity: 91.0
Details
CVE-2025-34033
5VTechnologies - Blue Angel Software Suite
Confirmed
Asserted: 2026-06-07
Yes 2026-06-07
First seen: 2026-06-07
1 source
honeypot
- Details
displaying 891 - 900 KEV entries in total 1231
About this Catalog

Vulnerabilities actively exploited in the wild as observed by The Shadowserver Foundation's global honeypot network (honeypot/exploited-vulnerabilities API), ranked by number of unique IPs per day and enriched with CVSS scores and CISA KEV status.

This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.

Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.