Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has flagged as actively exploited. Search by vendor or product. Filter by category, time window, or ransomware association. Paginated 50 per page.

All 500 Ransomware-linked 62 Yacht-focused 151 Network gear 69 Endpoint 6 M365 / Email 11 Browsers 25 VPN / Remote access 12 Server OS / DB / Web 27 Enterprise stack 26 Mobile 32 ICS / OT 1 IoT 6

Showing 1–6 of 6 · Page 1 of 1

Clear all filters

CVE	Vendor / product	Vulnerability	Categories	Added to KEV
CVE-2026-34926	Trend Micro Apex One	Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.	Endpoint Yacht-focused	May 21, 2026
CVE-2026-41091	Microsoft Defender	Microsoft Defender Link Following Vulnerability Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.	Endpoint Yacht-focused	May 20, 2026
CVE-2026-45498	Microsoft Defender	Microsoft Defender Denial of Service Vulnerability Microsoft Defender contains an unspecified vulnerability that allows for denial of service.	Endpoint Yacht-focused	May 20, 2026
CVE-2026-33825	Microsoft Defender	Microsoft Defender Insufficient Granularity of Access Control Vulnerability Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.	Endpoint Yacht-focused	Apr 22, 2026
CVE-2025-68645	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability Synacor Zimbra Collaboration Suite (ZCS) contains a PHP remote file inclusion vulnerability that could allow for remote attackers to craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.	Endpoint Yacht-focused	Jan 22, 2026
CVE-2025-54948	Trend Micro Apex One	Trend Micro Apex One OS Command Injection Vulnerability Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability that could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.	Endpoint Yacht-focused	Aug 18, 2025

Source: CISA Known Exploited Vulnerabilities catalog. Updated hourly. Want crew who know what to do when one of these lands aboard? Start the free crew course →

Full CISA KEV catalog

Ready to harden your crew's cyber posture?

Ready to harden your crew's
cyber posture?