KEV

Known Exploited Vulnerabilities Catalog

External catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: caeb2787-0d58-4236-9039-7c86c3e566f3 (KEVIntel)

KEV Entries
2523
Vulnerability ID Status Exploited Status Updated Evidence Characteristics Actions
CVE-2024-52875
GFI - Kerio Control
Confirmed
Asserted: 2025-09-12
Yes 2025-09-12
First seen: 2025-09-12
1 source
public_report
- Details
CVE-2025-42957
SAP_SE - SAP S/4HANA (Private Cloud or On-Premise)
Confirmed
Asserted: 2025-09-06
Yes 2025-09-06
First seen: 2025-09-06
1 source
public_report
- Details
CVE-2024-38653
Ivanti - Avalanche , ivanti - avalanche
Confirmed
Asserted: 2025-09-05
Yes 2025-09-05
First seen: 2025-09-05
1 source
public_report
- Details
CVE-2020-7136
Hewlett Packard Enterprise - Smart Update Manager (SUM)
Confirmed
Asserted: 2025-08-31
Yes 2025-08-31
First seen: 2025-08-31
1 source
public_report
- Details
CVE-2020-4463
IBM - Maximo Asset Management
Confirmed
Asserted: 2025-08-31
Yes 2025-08-31
First seen: 2025-08-31
1 source
public_report
- Details
CVE-2019-8446
Atlassian - Jira
Confirmed
Asserted: 2025-08-30
Yes 2025-08-30
First seen: 2025-08-30
1 source
public_report
- Details
CVE-2025-8424
NetScaler - ADC , NetScaler - Gateway
Confirmed
Asserted: 2025-08-28
Yes 2025-08-28
First seen: 2025-08-28
1 source
public_report
- Details
CVE-2025-7776
NetScaler - ADC , NetScaler - Gateway
Confirmed
Asserted: 2025-08-28
Yes 2025-08-28
First seen: 2025-08-28
1 source
public_report
- Details
CVE-2020-7209 Confirmed
Asserted: 2025-08-28
Yes 2025-08-28
First seen: 2025-08-28
1 source
public_report
- Details
CVE-2023-43177 Confirmed
Asserted: 2025-08-28
Yes 2025-08-28
First seen: 2025-08-28
1 source
public_report
- Details
displaying 671 - 680 KEV entries in total 2523
About this Catalog

Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.

This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.

Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.