Known Exploited Vulnerabilities Catalog
External catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: caeb2787-0d58-4236-9039-7c86c3e566f3 (KEVIntel)
| Vulnerability ID | Status | Exploited | Status Updated | Evidence | Characteristics | Actions |
|---|---|---|---|---|---|---|
|
CVE-2026-3844
cloudways - Breeze Cache |
Confirmed
Asserted: 2026-04-25 |
Yes |
2026-04-25
First seen: 2026-04-25 |
1
source
public_report |
- | Details |
|
CVE-2021-4374
ValvePress - WordPress Automatic Plugin |
Confirmed
Asserted: 2026-04-25 |
Yes |
2026-04-25
First seen: 2026-04-25 |
1
source
public_report |
- | Details |
|
CVE-2026-33626
InternLM - lmdeploy |
Confirmed
Asserted: 2026-04-24 |
Yes |
2026-04-24
First seen: 2026-04-24 |
1
source
public_report |
- | Details |
|
CVE-2019-8451
Atlassian - Jira |
Confirmed
Asserted: 2026-04-23 |
Yes |
2026-04-23
First seen: 2026-04-23 |
1
source
public_report |
- | Details |
|
CVE-2026-25187
Microsoft - Windows 10 Version 1607 , Microsoft - Windows 10 Version 1809 +19 more |
Confirmed
Asserted: 2026-04-19 |
Yes |
2026-04-19
First seen: 2026-04-19 |
1
source
public_report |
- | Details |
|
CVE-2026-3564
ConnectWise - ScreenConnect |
Confirmed
Asserted: 2026-04-19 |
Yes |
2026-04-19
First seen: 2026-04-19 |
1
source
public_report |
- | Details |
|
CVE-2026-26127
Microsoft - .NET 10.0 , Microsoft - .NET 9.0 +1 more |
Confirmed
Asserted: 2026-04-19 |
Yes |
2026-04-19
First seen: 2026-04-19 |
1
source
public_report |
- | Details |
|
CVE-2026-21262
Microsoft - Microsoft SQL Server 2016 Service Pack 3 (GDR) , Microsoft - Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack +8 more |
Confirmed
Asserted: 2026-04-19 |
Yes |
2026-04-19
First seen: 2026-04-19 |
1
source
public_report |
- | Details |
| CVE-2018-6605 |
Confirmed
Asserted: 2026-04-18 |
Yes |
2026-04-18
First seen: 2026-04-18 |
1
source
public_report |
- | Details |
| CVE-2025-66954 |
Confirmed
Asserted: 2026-04-17 |
Yes |
2026-04-17
First seen: 2026-04-17 |
1
source
public_report |
- | Details |
About this Catalog
Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.
This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.
Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.