Vulnerabilities & Known Exploited Vulnerabilities
Last updated: 2026-05-10 08:08 UTC
CISA Known Exploited Vulnerabilities (KEV)
The KEV catalog tracks vulnerabilities confirmed to be actively exploited in the wild.
| Metric | Value |
|---|---|
| Total KEV entries | 1590 |
| Added in last 30 days | 31 |
| Overdue remediations | 1585 |
Top Affected Vendors (KEV)
| Vendor | Exploited CVEs |
|---|---|
| Microsoft | 370 |
| Apple | 93 |
| Cisco | 89 |
| Adobe | 78 |
| | 71 |
| Oracle | 42 |
| Apache | 39 |
| Ivanti | 34 |
| D-Link | 26 |
| Fortinet | 26 |
| VMware | 26 |
| Linux | 25 |
| Citrix | 22 |
| Synacor | 18 |
| Android | 16 |
Recently Added to KEV (Last 30 Days)
| CVE | Vendor | Product | Date Added | Due Date |
|---|---|---|---|---|
| CVE-2026-42208 | BerriAI | LiteLLM | 2026-05-08 | 2026-05-11 |
| CVE-2026-6973 | Ivanti | Endpoint Manager Mobile (EPMM) | 2026-05-07 | 2026-05-10 |
| CVE-2026-0300 | Palo Alto Networks | PAN-OS | 2026-05-06 | 2026-05-09 |
| CVE-2026-31431 | Linux | Kernel | 2026-05-01 | 2026-05-15 |
| CVE-2026-41940 | WebPros | cPanel & WHM and WP2 (WordPress Squared) | 2026-04-30 | 2026-05-03 |
| CVE-2024-1708 | ConnectWise | ScreenConnect | 2026-04-28 | 2026-05-12 |
| CVE-2026-32202 | Microsoft | Windows | 2026-04-28 | 2026-05-12 |
| CVE-2025-29635 | D-Link | DIR-823X | 2026-04-24 | 2026-05-08 |
| CVE-2024-7399 | Samsung | MagicINFO 9 Server | 2026-04-24 | 2026-05-08 |
| CVE-2024-57728 | SimpleHelp | SimpleHelp | 2026-04-24 | 2026-05-08 |
| CVE-2024-57726 | SimpleHelp | SimpleHelp | 2026-04-24 | 2026-05-08 |
| CVE-2026-39987 | Marimo | Marimo | 2026-04-23 | 2026-05-07 |
| CVE-2026-33825 | Microsoft | Defender | 2026-04-22 | 2026-05-06 |
| CVE-2026-20122 | Cisco | Catalyst SD-WAN Manager | 2026-04-20 | 2026-04-23 |
| CVE-2026-20133 | Cisco | Catalyst SD-WAN Manager | 2026-04-20 | 2026-04-23 |
| CVE-2025-2749 | Kentico | Kentico Xperience | 2026-04-20 | 2026-05-04 |
| CVE-2023-27351 | PaperCut | NG/MF | 2026-04-20 | 2026-05-04 |
| CVE-2025-48700 | Synacor | Zimbra Collaboration Suite (ZCS) | 2026-04-20 | 2026-04-23 |
| CVE-2026-20128 | Cisco | Catalyst SD-WAN Manager | 2026-04-20 | 2026-04-23 |
| CVE-2025-32975 | Quest | KACE Systems Management Appliance (SMA) | 2026-04-20 | 2026-05-04 |
Recent CVEs (Last 14 Days)
Total new CVEs: 100
Severity Distribution
| Severity | Count |
|---|---|
| CRITICAL | 2 |
| HIGH | 49 |
| MEDIUM | 36 |
| LOW | 11 |
| UNKNOWN | 2 |
Critical CVEs (CVSS >= 9.0)
| CVE ID | CVSS | Description |
|---|---|---|
| CVE-2026-7037 | 9.8 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file... |
| CVE-2026-42363 | 9.3 | An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5.... |