Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has flagged as actively exploited. Search by vendor or product. Filter by category, time window, or ransomware association. Paginated 50 per page.
| CVE | Vendor / product | Vulnerability | Categories | Added to KEV |
|---|---|---|---|---|
| CVE-2026-42897 | Microsoft / Microsoft | Microsoft Exchange Server Cross-Site Scripting Vulnerability: Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context. | M365 / Email, Yacht-focused | May 15, 2026 |
| CVE-2026-32201 | Microsoft / SharePoint Server | Microsoft SharePoint Server Improper Input Validation Vulnerability: Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network. | M365 / Email, Yacht-focused | Apr 14, 2026 |
| CVE-2023-21529 | Microsoft / Exchange Server | Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability: Microsoft Exchange Server contains a deserialization of untrusted data vulnerability that allows an authenticated attacker to achieve remote code execution. | Ransomware, M365 / Email, Yacht-focused | Apr 13, 2026 |
| CVE-2026-20963 | Microsoft / SharePoint | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability: Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network. | M365 / Email, Yacht-focused | Mar 18, 2026 |
| CVE-2025-20393 | Cisco / Multiple Products | Cisco Multiple Products Improper Input Validation Vulnerability: Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contain an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance. | Network gear, M365 / Email, Yacht-focused | Dec 17, 2025 |
| CVE-2025-49704 | Microsoft / SharePoint | Microsoft SharePoint Code Injection Vulnerability: Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704. | Ransomware, M365 / Email, Yacht-focused | Jul 22, 2025 |
| CVE-2025-49706 | Microsoft / SharePoint | Microsoft SharePoint Improper Authentication Vulnerability: Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successful exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-49704. CVE-2025-53771 is a patch bypass… | Ransomware, M365 / Email, Yacht-focused | Jul 22, 2025 |
| CVE-2025-53770 | Microsoft / SharePoint | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability: Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-53771. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those… | Ransomware, M365 / Email, Yacht-focused | Jul 20, 2025 |
| CVE-2024-21413 | Microsoft / Office Outlook | Microsoft Outlook Improper Input Validation Vulnerability: Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode. | M365 / Email, Yacht-focused | Feb 6, 2025 |
| CVE-2024-38094 | Microsoft / SharePoint | Microsoft SharePoint Deserialization Vulnerability: Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution. | Ransomware, M365 / Email, Yacht-focused | Oct 22, 2024 |
| CVE-2021-31196 | Microsoft / Exchange Server | Microsoft Exchange Server Information Disclosure Vulnerability: Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution. | M365 / Email, Yacht-focused | Aug 21, 2024 |
Source: CISA Known Exploited Vulnerabilities catalog. Updated hourly.