For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains …

Jul 28, 2025 · CISA has added three new vulnerabilities to its KEV Catalog, based on evidence of active exploitation.

Jan 14, 2020 · An attacker could remotely exploit these vulnerabilities to decrypt, modify, or inject data on user connections: CryptoAPI spoofing vulnerability – CVE-2020-0601: This …

Learn about the importance of CISA's Known Exploited Vulnerability (KEV) catalog and how to use it to help build a collective resilience across the cybersecurity community.

Top Routinely Exploited Vulnerabilities Listed in Table 1 are the top 15 vulnerabilities the authoring agencies observed malicious cyber actors routinely exploiting in 2023 with details …

Dec 11, 2025 · By shining a light on the most dangerous software weaknesses, CISA and MITRE reinforce collective efforts to reduce vulnerabilities at the source, strengthen national …

Apr 28, 2022 · These vulnerabilities include multiple vulnerabilities affecting internet-facing systems, including Accellion File Transfer Appliance (FTA), Windows Print Spooler, and Pulse …

Aug 20, 2021 · This advisory provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—routinely exploited by malicious cyber actors in 2020 …

Dec 18, 2024 · Reolink RLC-410W IP Camera OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant …

May 15, 2025 · SAP NetWeaver Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal …