Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has flagged as actively exploited. Search by vendor or product. Filter by category, time window, or ransomware association. Paginated 50 per page.

All 500 Ransomware-linked 62 Yacht-focused 151 Network gear 69 Endpoint 6 M365 / Email 11 Browsers 25 VPN / Remote access 12 Server OS / DB / Web 27 Enterprise stack 26 Mobile 32 ICS / OT 1 IoT 6

Showing 1–1 of 1 · Page 1 of 1

Clear all filters

CVE	Vendor / product	Vulnerability	Categories	Added to KEV
CVE-2021-22681	Rockwell Multiple Products	Rockwell Multiple Products Insufficient Protected Credentials Vulnerability Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect…	ICS / OT	Mar 5, 2026

Source: CISA Known Exploited Vulnerabilities catalog. Updated hourly. Want crew who know what to do when one of these lands aboard? Start the free crew course →

Full CISA KEV catalog

Ready to harden your crew's cyber posture?

Ready to harden your crew's
cyber posture?