Exploited CVEs / By vendor

Actively exploited vulnerabilities by vendor

Every vendor with 5 or more CVEs on the CISA Known Exploited Vulnerabilities catalog. Refreshed daily; vendors join the list automatically as CISA catalogs their CVEs.

VendorExploited CVEsRansomware-linkedNewest addition
Microsoft378104CVE-2026-45659 (2026-07-01)
Cisco936CVE-2026-20230 (2026-06-25)
Apple93-CVE-2025-31277 (2026-03-20)
Adobe7910CVE-2009-3459 (2026-05-20)
Google72-CVE-2026-11645 (2026-06-09)
Oracle4413CVE-2026-35273 (2026-06-12)
Apache397CVE-2026-34197 (2026-04-16)
Ivanti3512CVE-2026-10520 (2026-06-11)
Linux262CVE-2022-0492 (2026-06-02)
D-Link262CVE-2025-29635 (2026-04-24)
Fortinet2613CVE-2026-21643 (2026-04-13)
VMware269CVE-2025-22224 (2025-03-04)
Citrix227CVE-2026-3055 (2026-03-30)
Synacor185CVE-2025-48700 (2026-04-20)
Android17-CVE-2025-48595 (2026-06-02)
Palo Alto Networks155CVE-2026-0257 (2026-05-29)
Samsung15-CVE-2024-7399 (2026-04-24)
SonicWall1510CVE-2025-40602 (2025-12-17)
SAP142CVE-2025-42999 (2025-05-15)
Mozilla131CVE-2010-3765 (2025-10-06)
Atlassian138CVE-2021-26086 (2024-11-12)
Trend Micro12-CVE-2026-34926 (2026-05-21)
Qualcomm12-CVE-2026-21385 (2026-03-03)
Zyxel122CVE-2024-40890 (2025-02-11)
SolarWinds111CVE-2026-28318 (2026-06-05)
Roundcube11-CVE-2025-49113 (2026-02-20)
QNAP119CVE-2023-47565 (2023-12-21)
Arm9-CVE-2024-4610 (2024-06-12)
Zoho92CVE-2022-28810 (2023-03-07)
Juniper8-CVE-2015-7755 (2025-10-02)
Progress84CVE-2024-4885 (2025-03-03)
NETGEAR8-CVE-2017-5521 (2022-09-08)
F574CVE-2025-53521 (2026-03-27)
Mitel75CVE-2024-41710 (2025-02-12)
Sophos71CVE-2020-15069 (2025-02-06)
Red Hat73CVE-2018-14667 (2023-09-28)
IBM72CVE-2022-47986 (2023-02-21)
Jenkins61CVE-2017-1000353 (2025-10-02)
TP-Link6-CVE-2023-50224 (2025-09-03)
Drupal52CVE-2026-9082 (2026-05-22)
GNU5-CVE-2026-24061 (2026-01-26)
RARLAB53CVE-2025-6218 (2025-12-09)
DrayTek5-CVE-2024-12987 (2025-05-15)
Exim51CVE-2010-4344 (2022-03-25)

Vendors below the 5-CVE threshold are in the full exploited-CVE tracker. The newest additions across all vendors: exploited this week.

Sponsored by SenservaMicrosoft 365, Intune, Defender, and Entra ID security and compliance, with automated remediation and Trustworthy AI.Scan free
Lexicon: the terms on this page
CVE
Common Vulnerabilities and Exposures. A unique ID for one publicly known vulnerability, such as CVE-2025-1234.
KB
Microsoft Knowledge Base article. The identifier for a specific Microsoft update.
KEV
CISA Known Exploited Vulnerabilities. CVEs confirmed exploited in the wild. Fix these first.
CVSS
Common Vulnerability Scoring System. A standardized Severity score from 0 to 10.
EPSS
Exploit Prediction Scoring System. The probability a CVE will be exploited in the next 30 days.
MSRC
Microsoft Security Response Center. Microsoft's Patch Tuesday advisories and KB-to-CVE mapping.
NVD
National Vulnerability Database (NIST). Authoritative CVE metadata and CVSS scores.
Ransomware
The vulnerability is linked to known ransomware activity.
Reference: the Microsoft patching guide, how Intune, Windows Autopatch, Defender, and Azure Update Manager fit together.
Data notice: this page, the feeds, and the API are provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative vendor advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.