KEV CATALOG  2026   2025  2024  2023 2022
KEV CATALOG 2026  H  January(21) February(29) March(26) April(22) May(28) June(7) July(0) August(0) September(0) October(0) November(0) December(0)

DATE

NAME

Info

CATEG.

WEB
16.6.26 CVE-2026-20262 Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability KEV KEV
16.6.26 CVE-2026-54420 LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability KEV KEV

13.6.26

 CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability KEV KEV

13.6.26

 CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability KEV KEV
10.6.26 CVE-2026-20245 (CVSS score: 7.8) - An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. KEV KEV
10.6.26 CVE-2026-11645 (CVSS score: 8.8) - An out-of-bounds read and write vulnerability in Google Chrome V8 that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. KEV KEV
10.6.26 CVE-2026-7473 (CVSS score: 6.9) - An incomplete comparison with missing factors vulnerability in Arista Extensible Operating System (EOS) that could be exploited to process non-configured tunnel traffic. KEV KEV
9.6.26 CVE-2026-42271 BerriAI LiteLLM Command Injection Vulnerability KEV KEV
9.6.26 CVE-2026-50751 Check Point Security Gateway Improper Authentication Vulnerability KEV KEV
6.6.26 CVE-2026-28318 SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability KEV KEV
6.6.26 CVE-2026-45247 Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability KEV KEV
3.6.26 CVE-2022-0492 Linux Kernel Improper Authentication Vulnerability KEV KEV
3.6.26 CVE-2025-48595 Android Framework Integer Overflow Vulnerability KEV KEV
2.6.26 CVE-2024-21182 Oracle WebLogic Server Unspecified Vulnerability KEV KEV
31.5.26 CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability KEV KEV
28.5.26 CVE-2026-8398 Daemon Tools Lite Embedded Malicious Code Vulnerability KEV KEV
28.5.26 CVE-2026-45321 TanStack Unspecified Vulnerability KEV KEV
28.5.26 CVE-2026-48027 Nx Console Embedded Malicious Code Vulnerability KEV KEV
27.5.26 CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability KEV KEV
23.5.26 CVE-2026-9082 Drupal Core SQL Injection Vulnerability KEV KEV
22.5.26 CVE-2025-34291 Langflow Origin Validation Error Vulnerability KEV KEV
22.5.26 CVE-2026-34926 Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability KEV KEV
21.5.26 CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability KEV KEV
21.5.26 CVE-2009-1537 Microsoft DirectX NULL Byte Overwrite Vulnerability KEV KEV
21.5.26 CVE-2009-3459 Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability KEV KEV
21.5.26 CVE-2010-0249 Microsoft Internet Explorer Use-After-Free Vulnerability KEV KEV
21.5.26 CVE-2010-0806 Microsoft Internet Explorer Use-After-Free Vulnerability KEV KEV
21.5.26 CVE-2026-41091 Microsoft Defender Elevation of Privilege Vulnerability KEV KEV
21.5.26 CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability

KEV

KEV
16.5.26 CVE-2026-42897 Microsoft Exchange Server Cross-Site Scripting Vulnerability

KEV

KEV
16.5.26 CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability KEV KEV
9.5.26 CVE-2026-42208 BerriAI LiteLLM SQL Injection Vulnerability KEV KEV
9.5.26 CVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability KEV KEV
7.5.26 CVE-2026-0300 Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability KEV KEV
3.5.26 CVE-2026-31431 Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability KEV KEV
3.5.26 CVE-2026-41940 WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability

KEV

KEV
3.5.26 CVE-2024-1708 ConnectWise ScreenConnect Path

KEV

KEV
3.5.26 CVE-2026-32202 Microsoft Windows Protection Mechanism Failure Vulnerability KEV KEV
3.5.26 CVE-2024-7399 Samsung MagicINFO 9 Server Path Traversal Vulnerability

KEV

KEV
3.5.26 CVE-2024-57726 SimpleHelp Missing Authorization Vulnerability

KEV

KEV
3.5.26 CVE-2024-57728 SimpleHelp Path Traversal Vulnerability KEV KEV
3.5.26 CVE-2025-29635 D-Link DIR-823X Command Injection Vulnerability 

KEV

KEV
3.5.26 CVE-2026-39987 Marimo Remote Code Execution Vulnerability

KEV

KEV
21.4.26 CVE-2026-20133 Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability KEV KEV
21.4.26 CVE-2026-20128 Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

KEV

KEV
21.4.26 CVE-2026-20122 Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability

KEV

KEV
21.4.26 CVE-2025-48700 Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

KEV

KEV
21.4.26 CVE-2025-32975 Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

KEV

KEV
21.4.26 CVE-2025-2749 Kentico Xperience Path Traversal Vulnerability

KEV

KEV
21.4.26 CVE-2024-27199 JetBrains TeamCity Relative Path Traversal Vulnerability KEV KEV
21.4.26 CVE-2023-27351 PaperCut NG/MF Improper Authentication Vulnerability

KEV

KEV
20.4.26 CVE-2026-34197 Apache ActiveMQ Improper Input Validation Vulnerability

KEV

KEV
15.4.26 CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability

KEV

KEV
15.4.26 CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability 

KEV

KEV
14.4.26 CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability

KEV

KEV
14.4.26 CVE-2020-9715 Adobe Acrobat Use-After-Free Vulnerability

KEV

KEV
14.4.26 CVE-2023-21529 Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability

KEV

KEV
14.4.26 CVE-2023-36424

Microsoft Windows Out-of-Bounds Read Vulnerability

KEV

KEV
14.4.26 CVE-2025-60710 Microsoft Windows Link Following Vulnerability

KEV

KEV
14.4.26 CVE-2026-21643 Fortinet SQL Injection Vulnerability

KEV

KEV
14.4.26 CVE-2026-34621

Adobe Acrobat and Reader Prototype Pollution Vulnerability

KEV

KEV

8.4.26

CVE-2026-1340

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

KEV

KEV
6.4.26 CVE-2026-35616 Fortinet FortiClient EMS Improper Access Control Vulnerability

KEV

KEV
2.4.26 CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability 

KEV

KEV
1.4.26 CVE-2026-5281 Google Dawn Use-After-Free Vulnerability KEV KEV