KEV CATALOG
2026
2025
2024 2023 2022
KEV CATALOG 2026
H January(21)
February(29)
March(26)
April(22)
May(11)
June(0)
July(0)
August(0)
September(0) October(0)
November(0)
December(0)
DATE |
NAME |
Info |
CATEG. |
WEB |
| 9.5.26 | CVE-2026-42208 | BerriAI LiteLLM SQL Injection Vulnerability | BerriAI LiteLLM SQL Injection Vulnerability | KEV |
| 9.5.26 | CVE-2026-6973 | Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability | Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability | KEV |
| 7.5.26 | CVE-2026-0300 | Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability | Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability | KEV |
| 3.5.26 | CVE-2026-31431 | Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability | Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability | KEV |
| 3.5.26 | CVE-2026-41940 | WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability | WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability | |
| 3.5.26 | CVE-2024-1708 | ConnectWise ScreenConnect Path | ConnectWise ScreenConnect Path | |
| 3.5.26 | CVE-2026-32202 | Microsoft Windows Protection Mechanism Failure Vulnerability | Microsoft Windows Protection Mechanism Failure Vulnerability | KEV |
| 3.5.26 | CVE-2024-7399 | Samsung MagicINFO 9 Server Path Traversal Vulnerability | Samsung MagicINFO 9 Server Path Traversal Vulnerability | |
| 3.5.26 | CVE-2024-57726 | SimpleHelp Missing Authorization Vulnerability | SimpleHelp Missing Authorization Vulnerability | |
| 3.5.26 | CVE-2024-57728 | SimpleHelp Path Traversal Vulnerability | SimpleHelp Path Traversal Vulnerability | KEV |
| 3.5.26 | CVE-2025-29635 | D-Link DIR-823X Command Injection Vulnerability | D-Link DIR-823X Command Injection Vulnerability | |
| 3.5.26 | CVE-2026-39987 | Marimo Remote Code Execution Vulnerability | Marimo Remote Code Execution Vulnerability | |
| 21.4.26 | CVE-2026-20133 | Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability | Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability | KEV |
| 21.4.26 | CVE-2026-20128 | Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability | Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability | |
| 21.4.26 | CVE-2026-20122 | Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability | Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability | |
| 21.4.26 | CVE-2025-48700 | Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability | Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability | |
| 21.4.26 | CVE-2025-32975 | Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability | Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability | |
| 21.4.26 | CVE-2025-2749 | Kentico Xperience Path Traversal Vulnerability | Kentico Xperience Path Traversal Vulnerability | |
| 21.4.26 | CVE-2024-27199 | JetBrains TeamCity Relative Path Traversal Vulnerability | JetBrains TeamCity Relative Path Traversal Vulnerability | KEV |
| 21.4.26 | CVE-2023-27351 | PaperCut NG/MF Improper Authentication Vulnerability | PaperCut NG/MF Improper Authentication Vulnerability | |
| 20.4.26 | CVE-2026-34197 | Apache ActiveMQ Improper Input Validation Vulnerability | Apache ActiveMQ Improper Input Validation Vulnerability | |
| 15.4.26 | CVE-2009-0238 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office Remote Code Execution Vulnerability | |
| 15.4.26 | CVE-2026-32201 | Microsoft SharePoint Server Improper Input Validation Vulnerability | Microsoft SharePoint Server Improper Input Validation Vulnerability | |
| 14.4.26 | CVE-2012-1854 | Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability | Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability | |
| 14.4.26 | CVE-2020-9715 | Adobe Acrobat Use-After-Free Vulnerability | Adobe Acrobat Use-After-Free Vulnerability | |
| 14.4.26 | CVE-2023-21529 | Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability | Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability | |
| 14.4.26 | CVE-2023-36424 |
Microsoft Windows Out-of-Bounds Read Vulnerability |
Microsoft Windows Out-of-Bounds Read Vulnerability |
|
| 14.4.26 | CVE-2025-60710 | Microsoft Windows Link Following Vulnerability | Microsoft Windows Link Following Vulnerability | |
| 14.4.26 | CVE-2026-21643 | Fortinet SQL Injection Vulnerability | Fortinet SQL Injection Vulnerability | |
| 14.4.26 | CVE-2026-34621 |
Adobe Acrobat and Reader Prototype Pollution Vulnerability |
Adobe Acrobat and Reader Prototype Pollution Vulnerability |
|
|
8.4.26 |
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability |
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability |
||
| 6.4.26 | CVE-2026-35616 | Fortinet FortiClient EMS Improper Access Control Vulnerability | Fortinet FortiClient EMS Improper Access Control Vulnerability | |
| 2.4.26 | CVE-2026-3502 | TrueConf Client Download of Code Without Integrity Check Vulnerability | TrueConf Client Download of Code Without Integrity Check Vulnerability | |
| 1.4.26 | CVE-2026-5281 | Google Dawn Use-After-Free Vulnerability | Google Dawn Use-After-Free Vulnerability | KEV |