Added to CISA KEV since 2026-04-19. actively exploited, patch priority.
Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability
Linux Kernel Improper Authentication Vulnerability
Android Framework Integer Overflow Vulnerability
Oracle WebLogic Server Unspecified Vulnerability
KEV
CVE-2026-0257
Palo Alto Networks
added 2026-05-29 · due 2026-06-01
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
KEV
CVE-2026-45321
ransomware
TanStack
added 2026-05-27 · due 2026-06-10
TanStack Unspecified Vulnerability
Nx Console Embedded Malicious Code Vulnerability
Daemon Tools Lite Embedded Malicious Code Vulnerability
LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
Drupal Core SQL Injection Vulnerability
Langflow Origin Validation Error Vulnerability
Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
Microsoft Windows Buffer Overflow Vulnerability
Microsoft DirectX NULL Byte Overwrite Vulnerability
Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Defender Link Following Vulnerability
Microsoft Defender Denial of Service Vulnerability
Microsoft Exchange Server Cross-Site Scripting Vulnerability
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
BerriAI LiteLLM SQL Injection Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
KEV
CVE-2026-0300
Palo Alto Networks
added 2026-05-06 · due 2026-05-09
Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
KEV
CVE-2026-41940
ransomware
WebPros
added 2026-04-30 · due 2026-05-03
WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability
KEV
CVE-2024-1708
ransomware
ConnectWise
added 2026-04-28 · due 2026-05-12
ConnectWise ScreenConnect Path Traversal Vulnerability
Microsoft Windows Protection Mechanism Failure Vulnerability
KEV
CVE-2024-57726
ransomware
SimpleHelp
added 2026-04-24 · due 2026-05-08
SimpleHelp Missing Authorization Vulnerability
KEV
CVE-2024-57728
ransomware
SimpleHelp
added 2026-04-24 · due 2026-05-08
SimpleHelp Path Traversal Vulnerability
Samsung MagicINFO 9 Server Path Traversal Vulnerability
D-Link DIR-823X Command Injection Vulnerability
Marimo Remote Code Execution Vulnerability
Microsoft Defender Insufficient Granularity of Access Control Vulnerability
KEV
CVE-2023-27351
ransomware
PaperCut
added 2026-04-20 · due 2026-05-04
PaperCut NG/MF Improper Authentication Vulnerability
KEV
CVE-2024-27199
ransomware
JetBrains
added 2026-04-20 · due 2026-05-04
JetBrains TeamCity Relative Path Traversal Vulnerability
Kentico Xperience Path Traversal Vulnerability
Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability