Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has flagged as actively exploited. Search by vendor or product. Filter by category, time window, or ransomware association. Paginated 50 per page.

All 500 Ransomware-linked 62 Yacht-focused 151 Network gear 69 Endpoint 6 M365 / Email 11 Browsers 25 VPN / Remote access 12 Server OS / DB / Web 27 Enterprise stack 26 Mobile 32 ICS / OT 1 IoT 6

Showing 1–6 of 6 · Page 1 of 1

Clear all filters

CVE	Vendor / product	Vulnerability	Categories	Added to KEV
CVE-2017-7921	Hikvision Multiple Products	Hikvision Multiple Products Improper Authentication Vulnerability Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.	IoT Yacht-focused	Mar 5, 2026
CVE-2025-1316	Edimax IC-7100 IP Camera	Edimax IC-7100 IP Camera OS Command Injection Vulnerability Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.	IoT Yacht-focused	Mar 19, 2025
CVE-2021-40407	Reolink RLC-410W IP Camera	Reolink RLC-410W IP Camera OS Command Injection Vulnerability Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings functionality.	IoT Yacht-focused	Dec 18, 2024
CVE-2019-11001	Reolink Multiple IP Cameras	Reolink Multiple IP Cameras OS Command Injection Vulnerability Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulnerability. This vulnerability allows an authenticated admin to use the "TestEmail" functionality to inject and run OS commands as root.	IoT Yacht-focused	Dec 18, 2024
CVE-2021-33045	Dahua IP Camera Firmware	Dahua IP Camera Authentication Bypass Vulnerability Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.	IoT Yacht-focused	Aug 21, 2024
CVE-2021-33044	Dahua IP Camera Firmware	Dahua IP Camera Authentication Bypass Vulnerability Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.	IoT Yacht-focused	Aug 21, 2024

Source: CISA Known Exploited Vulnerabilities catalog. Updated hourly. Want crew who know what to do when one of these lands aboard? Start the free crew course →

Full CISA KEV catalog

Ready to harden your crew's cyber posture?

Ready to harden your crew's
cyber posture?