Vulnerabilities & Known Exploited Vulnerabilities
Last updated: 2026-04-01 07:21 UTC
CISA Known Exploited Vulnerabilities (KEV)
The KEV catalog tracks vulnerabilities confirmed to be actively exploited in the wild.
| Metric | Value |
| Total KEV entries | 1555 |
| Added in last 30 days | 26 |
| Overdue remediations | 1546 |
Top Affected Vendors (KEV)
| Vendor | Exploited CVEs |
| Microsoft | 362 |
| Apple | 93 |
| Cisco | 86 |
| Adobe | 76 |
| Google | 70 |
| Oracle | 42 |
| Apache | 38 |
| Ivanti | 32 |
| VMware | 26 |
| D-Link | 25 |
| Fortinet | 24 |
| Linux | 24 |
| Citrix | 22 |
| Synacor | 17 |
| Android | 16 |
Recently Added to KEV (Last 30 Days)
| CVE | Vendor | Product | Date Added | Due Date |
| CVE-2026-3055 | Citrix | NetScaler | 2026-03-30 | 2026-04-02 |
| CVE-2025-53521 | F5 | BIG-IP | 2026-03-27 | 2026-03-30 |
| CVE-2026-33634 | Aquasecurity | Trivy | 2026-03-26 | 2026-04-09 |
| CVE-2026-33017 | Langflow | Langflow | 2026-03-25 | 2026-04-08 |
| CVE-2025-32432 | Craft CMS | Craft CMS | 2026-03-20 | 2026-04-03 |
| CVE-2025-54068 | Laravel | Livewire | 2026-03-20 | 2026-04-03 |
| CVE-2025-43510 | Apple | Multiple Products | 2026-03-20 | 2026-04-03 |
| CVE-2025-43520 | Apple | Multiple Products | 2026-03-20 | 2026-04-03 |
| CVE-2025-31277 | Apple | Multiple Products | 2026-03-20 | 2026-04-03 |
| CVE-2026-20131 | Cisco | Secure Firewall Management Center (FMC) | 2026-03-19 | 2026-03-22 |
| CVE-2025-66376 | Synacor | Zimbra Collaboration Suite (ZCS) | 2026-03-18 | 2026-04-01 |
| CVE-2026-20963 | Microsoft | SharePoint | 2026-03-18 | 2026-03-21 |
| CVE-2025-47813 | Wing FTP Server | Wing FTP Server | 2026-03-16 | 2026-03-30 |
| CVE-2026-3910 | Google | Chromium V8 | 2026-03-13 | 2026-03-27 |
| CVE-2026-3909 | Google | Skia | 2026-03-13 | 2026-03-27 |
| CVE-2025-68613 | n8n | n8n | 2026-03-11 | 2026-03-25 |
| CVE-2021-22054 | Omnissa | Workspace One UEM | 2026-03-09 | 2026-03-23 |
| CVE-2025-26399 | SolarWinds | Web Help Desk | 2026-03-09 | 2026-03-12 |
| CVE-2026-1603 | Ivanti | Endpoint Manager (EPM) | 2026-03-09 | 2026-03-23 |
| CVE-2017-7921 | Hikvision | Multiple Products | 2026-03-05 | 2026-03-26 |
Recent CVEs (Last 14 Days)
Total new CVEs: 100
Severity Distribution
| Severity | Count |
| CRITICAL | 4 |
| HIGH | 35 |
| MEDIUM | 40 |
| LOW | 3 |
| UNKNOWN | 18 |
Critical CVEs (CVSS >= 9.0)
| CVE ID | CVSS | Description |
| CVE-2026-27459 | 9.8 | pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided... |
| CVE-2026-30884 | 9.6 | mdjnelson/moodle-mod_customcert is a Moodle plugin for creating dynamically generated certificates with complete customization via the... |
| CVE-2026-31938 | 9.6 | jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the options argument of the output... |
| CVE-2026-25449 | 9.8 | Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection.This issue affects Traveler: from n/a... |