Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has flagged as actively exploited. Search by vendor or product. Filter by category, time window, or ransomware association. Paginated 50 per page.
| CVE | Vendor / product | Vulnerability | Categories | Added to KEV |
|---|---|---|---|---|
| CVE-2026-50751 |
Check Point
Security Gateway
|
Check Point Security Gateway Improper Authentication Vulnerability
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
|
Ransomware VPN / Remote access Yacht-focused | Jun 8, 2026 |
| CVE-2026-21643 |
Fortinet
FortiClient EMS
|
Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
|
Network gear VPN / Remote access Yacht-focused | Apr 13, 2026 |
| CVE-2026-35616 |
Fortinet
FortiClient EMS
|
Fortinet FortiClient EMS Improper Access Control Vulnerability
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
|
Network gear VPN / Remote access Yacht-focused | Apr 6, 2026 |
| CVE-2026-3055 |
Citrix
NetScaler
|
Citrix NetScaler Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread.
|
VPN / Remote access Yacht-focused | Mar 30, 2026 |
| CVE-2025-7775 |
Citrix
NetScaler
|
Citrix NetScaler Memory Overflow Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.
|
VPN / Remote access Yacht-focused | Aug 26, 2025 |
| CVE-2025-5777 |
Citrix
NetScaler ADC and Gateway
|
Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
|
Ransomware VPN / Remote access Yacht-focused | Jul 10, 2025 |
| CVE-2025-6543 |
Citrix
NetScaler ADC and Gateway
|
Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability
Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
|
VPN / Remote access Yacht-focused | Jun 30, 2025 |
| CVE-2023-44221 |
SonicWall
SMA100 Appliances
|
SonicWall SMA100 Appliances OS Command Injection Vulnerability
SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.
|
Network gear VPN / Remote access Yacht-focused | May 1, 2025 |
| CVE-2025-22457 |
Ivanti
Connect Secure, Policy Secure, and ZTA Gateways
|
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.
|
Ransomware VPN / Remote access Yacht-focused | Apr 4, 2025 |
| CVE-2024-53704 |
SonicWall
SonicOS
|
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
|
Ransomware Network gear VPN / Remote access Yacht-focused | Feb 18, 2025 |
| CVE-2025-0282 |
Ivanti
Connect Secure, Policy Secure, and ZTA Gateways
|
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
|
Ransomware VPN / Remote access Yacht-focused | Jan 8, 2025 |
| CVE-2023-28461 |
Array Networks
AG/vxAG ArrayOS
|
Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability
Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.
|
Ransomware VPN / Remote access Yacht-focused | Nov 25, 2024 |
Source: CISA Known Exploited Vulnerabilities catalog. Updated hourly. Want crew who know what to do when one of these lands aboard? Start the free crew course →