KEV

Known Exploited Vulnerabilities Catalog

Local catalog of known exploited vulnerabilities conforming to GCVE BCP-07 standard.
Catalog UUID: 1a89b78e-f703-45f3-bb86-59eb712668bd (gna-1)
License: CC0-1.0

Vulnerability ID Status Exploited Status Updated Evidence Characteristics Actions
CVE-2026-20245
Cisco - Cisco Catalyst SD-WAN Controller , Cisco - Cisco Catalyst SD-WAN Manager
Suspected
Asserted: 2026-06-25
Yes 2026-06-25
First seen: 2026-06-25
- Details
CVE-2026-39813
Fortinet - FortiSandbox , Fortinet - FortiSandbox Cloud
Confirmed
Asserted: 2026-06-22
Yes 2026-06-22
First seen: 2026-06-22
- Severity: 100.0
No Auth Required
Remote
Details
CVE-2026-10520
ivanti - Sentry
Suspected
Asserted: 2026-06-12
Yes 2026-06-12
First seen: 2026-06-12
- Severity: 100.0
RCE
No Auth Required
Remote
Details
CVE-2026-50751
checkpoint - Quantum Security Gateway , checkpoint - Spark Firewalls
Confirmed
Asserted: 2026-06-08
Yes 2026-06-08
First seen: 2026-06-08
1 source
public_report
No Auth Required
Remote
Details
CVE-2026-31431
Linux - Linux , Siemens - SIMATIC S7-1500 CPU 1518-4 PN/DP MFP +60 more
Confirmed
Asserted: 2026-05-04
Yes 2026-05-04
First seen: 2026-05-02
1 source
incident_response
Details
CVE-2026-35616
Fortinet - FortiClientEMS
Confirmed
Asserted: 2026-04-06
Yes 2026-04-06
First seen: 2026-04-06
- - Details
GCVE-1-2026-0020
Eir - D1000
Confirmed
Asserted: 2026-03-11
Yes 2026-03-23
First seen: 2026-01-14
1 source
sinkhole
Severity: 100.0
RCE
No Auth Required
Remote
Details
CVE-2024-13030
D-Link - DIR-823G
Confirmed
Asserted: 2026-03-12
Yes 2026-03-12
First seen: 2026-03-12
1 source
sinkhole
Severity: 100.0
RCE
No Auth Required
Remote
Details
CVE-2021-35394 Confirmed
Asserted: 2026-03-12
Yes 2026-03-12
First seen: 2026-03-12
1 source
sinkhole
Severity: 100.0
RCE
No Auth Required
Remote
Details
CVE-2017-17215
Huawei Technologies Co., Ltd. - HG532
Confirmed
Asserted: 2026-03-12
Yes 2026-03-12
First seen: 2026-03-12
1 source
sinkhole
Severity: 100.0
RCE
No Auth Required
Remote
Details
displaying 1 - 10 KEV entries in total 17
About this Catalog

CIRCL provides a known-exploited vulnerability catalog and supports the different status reasons described in GCVE BCP-07.

This Known Exploited Vulnerabilities (KEV) catalog conforms to the GCVE BCP-07 standard (Best Current Practice) standard for documenting vulnerabilities with confirmed or suspected active exploitation.

Each entry includes exploitation status, evidence sources, and characteristics to help organizations prioritize vulnerability remediation efforts.