CyberAlerts Known Exploited Vulnerabilities (KEV)

CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CyberAlerts provides a trusted catalog of vulnerabilities known to be exploited in the wild, drawing from many sources, including CISA KEV. Organizations can use this catalog to better prioritize and manage vulnerabilities in response to real-world threat activity. Further information here.

Free API Access!

Show Not In CISA KEV

Displaying vulnerabilities 41 - 50 of 130 in total

CVE-2025-47729	The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is... Description: The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025. CVSS: LOW (1.9) EPSS Score: 8.55% May 8th, 2025 (about 2 months ago)
CVE-2025-27007	WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability Description: Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers: from n/a through 1.0.82. CVSS: CRITICAL (9.8) EPSS Score: 17.88% SSVC Exploitation: none May 7th, 2025 (about 2 months ago)
CVE-2024-6047	GeoVision EOL device - OS Command Injection Description: Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. CVSS: CRITICAL (9.8) EPSS Score: 75.4% SSVC Exploitation: active May 7th, 2025 (about 2 months ago)
CVE-2024-11120	GeoVision EOL devices - OS Command Injection Description: Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports. CVSS: CRITICAL (9.8) EPSS Score: 54.56% SSVC Exploitation: active May 7th, 2025 (about 2 months ago)
CVE-2025-34028	Commvault Command Center Innovation Release Unathenticated Path Traversal Description: A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution. A PoC exists for this vulnerability. This issue affects Command Center Innovation Release: 11.38. CVSS: CRITICAL (10.0) EPSS Score: 63.86% May 2nd, 2025 (about 2 months ago)
CVE-2024-38475	Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. Description: Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. EPSS Score: 0.04% May 1st, 2025 (2 months ago)
CVE-2023-44221	Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative... Description: Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability. CVSS: LOW (0.0) EPSS Score: 0.14% May 1st, 2025 (2 months ago)
CVE-2025-3928	Commvault Web Server unspecified vulnerability Description: Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in version 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms. CVSS: HIGH (8.8) EPSS Score: 15.08% April 28th, 2025 (2 months ago)
CVE-2025-42599	Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request... Description: Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. CVSS: CRITICAL (9.8) EPSS Score: 13.86% April 28th, 2025 (2 months ago)
CVE-2025-1976	Code injection exposure in Fabric OS 9.1.0 through 9.1.1d6 Description: Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. CVSS: HIGH (8.6) EPSS Score: 1.79% April 28th, 2025 (2 months ago)