Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 20 of 87
Filters:
Google | Chromium Mojo

CVE-2025-2783

Google Chromium Mojo Sandbox Escape Vulnerability: Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-27
  • Due Date: 2025-04-17
Additional Notes
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-2783
VMware | ESXi, Workstation, and Fusion

CVE-2025-22226

VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability: VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.

Related CWE: CWE-125

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-04
  • Due Date: 2025-03-25
Additional Notes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22226
VMware | ESXi and Workstation

CVE-2025-22224

VMware ESXi and Workstation TOCTOU Race Condition Vulnerability: VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host.

Related CWE: CWE-367

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-04
  • Due Date: 2025-03-25
Additional Notes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22224
VMware | ESXi

CVE-2025-22225

VMware ESXi Arbitrary Write Vulnerability: VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.

Related CWE: CWE-123

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2025-03-04
  • Due Date: 2025-03-25
Additional Notes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22225
VMware | vCenter Server

CVE-2024-38813

VMware vCenter Server Privilege Escalation Vulnerability: VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.

Related CWEs: CWE-250| CWE-273

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-20
  • Due Date: 2024-12-11
Additional Notes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38813
VMware | vCenter Server

CVE-2024-38812

VMware vCenter Server Heap-Based Buffer Overflow Vulnerability: VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-11-20
  • Due Date: 2024-12-11
Additional Notes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38812
Google | Chromium V8

CVE-2024-7965

Google Chromium V8 Inappropriate Implementation Vulnerability: Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-358

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-08-28
  • Due Date: 2024-09-18
Additional Notes
https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html; https://nvd.nist.gov/vuln/detail/CVE-2024-7965
Google | Chromium V8

CVE-2024-7971

Google Chromium V8 Type Confusion Vulnerability: Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-08-26
  • Due Date: 2024-09-16
Additional Notes
https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html; https://nvd.nist.gov/vuln/detail/CVE-2024-7971
VMware | ESXi

CVE-2024-37085

VMware ESXi Authentication Bypass Vulnerability: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

Related CWE: CWE-305

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-07-30
  • Due Date: 2024-08-20
Additional Notes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505; https://nvd.nist.gov/vuln/detail/CVE-2024-37085
VMware | vCenter Server

CVE-2022-22948

VMware vCenter Server Incorrect Default File Permissions Vulnerability : VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.

Related CWE: CWE-276

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-07-17
  • Due Date: 2024-08-07
Additional Notes
https://www.vmware.com/security/advisories/VMSA-2022-0009.html; https://nvd.nist.gov/vuln/detail/CVE-2022-22948
Google | Chromium V8

CVE-2024-5274

Google Chromium V8 Type Confusion Vulnerability: Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-05-28
  • Due Date: 2024-06-18
Additional Notes
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2024-5274
Google | Chromium V8

CVE-2024-4947

Google Chromium V8 Type Confusion Vulnerability: Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.

Related CWE: CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-05-20
  • Due Date: 2024-06-10
Additional Notes
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html; https://nvd.nist.gov/vuln/detail/CVE-2024-4947
Google | Chromium V8

CVE-2024-4761

Google Chromium V8 Out-of-Bounds Memory Write Vulnerability: Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-05-16
  • Due Date: 2024-06-06
Additional Notes
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html; https://nvd.nist.gov/vuln/detail/CVE-2024-4761
Google | Chromium

CVE-2024-4671

Google Chromium Visuals Use-After-Free Vulnerability: Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-05-13
  • Due Date: 2024-06-03
Additional Notes
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2024-4671
Google | Chromium V8

CVE-2023-4762

Google Chromium V8 Type Confusion Vulnerability: Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-843

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-02-06
  • Due Date: 2024-02-27
Additional Notes
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2023-4762
VMware | vCenter Server

CVE-2023-34048

VMware vCenter Server Out-of-Bounds Write Vulnerability: VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-01-22
  • Due Date: 2024-02-12
Additional Notes
https://www.vmware.com/security/advisories/VMSA-2023-0023.html; https://nvd.nist.gov/vuln/detail/CVE-2023-34048
Google | Chromium V8

CVE-2024-0519

Google Chromium V8 Out-of-Bounds Memory Access Vulnerability: Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-01-17
  • Due Date: 2024-02-07
Additional Notes
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html; https://nvd.nist.gov/vuln/detail/CVE-2024-0519
Google | Chromium WebRTC

CVE-2023-7024

Google Chromium WebRTC Heap Buffer Overflow Vulnerability: Google Chromium WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using WebRTC, including but not limited to Google Chrome.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-01-02
  • Due Date: 2024-01-23
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_20.html; https://nvd.nist.gov/vuln/detail/CVE-2023-7024
Google | Chromium Skia

CVE-2023-6345

Google Skia Integer Overflow Vulnerability: Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.

Related CWE: CWE-190

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-11-30
  • Due Date: 2023-12-21
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html ; https://nvd.nist.gov/vuln/detail/CVE-2023-6345
Google | Chromium libvpx

CVE-2023-5217

Google Chromium libvpx Heap Buffer Overflow Vulnerability: Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.

Related CWE: CWE-787

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-10-02
  • Due Date: 2023-10-23
Additional Notes
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html; https://nvd.nist.gov/vuln/detail/CVE-2023-5217

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now