Known Exploited Vulnerabilities Catalog
External catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: caeb2787-0d58-4236-9039-7c86c3e566f3 (KEVIntel)
| Vulnerability ID | Status | Exploited | Status Updated | Evidence | Characteristics | Actions |
|---|---|---|---|---|---|---|
|
CVE-2025-27363
FreeType - FreeType |
Confirmed
Asserted: 2025-05-06 |
Yes |
2025-05-06
First seen: 2025-05-06 |
1
source
public_report |
- | Details |
|
CVE-2025-34028
Commvault - Command Center Innovation Release |
Confirmed
Asserted: 2025-05-05 |
Yes |
2025-05-05
First seen: 2025-05-05 |
1
source
public_report |
- | Details |
|
CVE-2024-58136
yiiframework - Yii |
Confirmed
Asserted: 2025-05-05 |
Yes |
2025-05-05
First seen: 2025-05-05 |
1
source
public_report |
- | Details |
|
CVE-2025-3248
langflow-ai - langflow |
Confirmed
Asserted: 2025-05-05 |
Yes |
2025-05-05
First seen: 2025-05-05 |
1
source
public_report |
- | Details |
| CVE-2017-9844 |
Confirmed
Asserted: 2025-05-01 |
Yes |
2025-05-01
First seen: 2025-05-01 |
1
source
public_report |
- | Details |
|
CVE-2023-44221
SonicWall - SMA100 |
Confirmed
Asserted: 2025-05-01 |
Yes |
2025-05-01
First seen: 2025-05-01 |
1
source
public_report |
- | Details |
|
CVE-2024-38475
Apache Software Foundation - Apache HTTP Server , apache - http_server +1 more |
Confirmed
Asserted: 2025-05-01 |
Yes |
2025-05-01
First seen: 2025-05-01 |
1
source
public_report |
- | Details |
|
CVE-2025-3928
Commvault - Web Server |
Confirmed
Asserted: 2025-04-30 |
Yes |
2025-04-30
First seen: 2025-04-30 |
1
source
public_report |
- | Details |
|
CVE-2025-31324
SAP_SE - SAP NetWeaver (Visual Composer development server) |
Confirmed
Asserted: 2025-04-28 |
Yes |
2025-04-28
First seen: 2025-04-28 |
1
source
public_report |
- | Details |
|
CVE-2021-25003
Unknown - WPCargo Track & Trace |
Confirmed
Asserted: 2025-04-28 |
Yes |
2025-04-28
First seen: 2025-04-28 |
1
source
public_report |
- | Details |
About this Catalog
Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.
This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.
Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.