CISA Known Exploited Vulnerabilities — updated daily · Catalog date: 2026-07-01T19:00:06.9016Z
Added in the Last 30 Days
| CVE | Vendor / Product | Vulnerability | Added | Due |
|---|---|---|---|---|
| CVE-2026-45659 | Microsoft SharePoint Server | Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability | 2026-07-01 | 2026-07-04 |
| CVE-2026-48558 | SimpleHelp SimpleHelp | SimpleHelp Authentication Bypass Vulnerability | 2026-06-29 | 2026-07-02 |
| CVE-2026-12569 | PTC Windchill and FlexPLM | PTC Windchill and FlexPLM Improper Input Validation Vulnerability | 2026-06-25 | 2026-06-28 |
| CVE-2026-20230 | Cisco Unified Communications Manager | Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability | 2026-06-25 | 2026-06-28 |
| CVE-2025-67038 | Lantronix EDS5000 | Lantronix EDS5000 Code Injection Vulnerability | 2026-06-23 | 2026-06-26 |
| CVE-2026-34910 | Ubiquiti UniFi OS | Ubiquiti UniFi OS Improper Input Validation Vulnerability | 2026-06-23 | 2026-06-26 |
| CVE-2026-34909 | Ubiquiti UniFi OS | Ubiquiti UniFi OS Path Traversal Vulnerability | 2026-06-23 | 2026-06-26 |
| CVE-2026-34908 | Ubiquiti UniFi OS | Ubiquiti UniFi OS Improper Access Control Vulnerability | 2026-06-23 | 2026-06-26 |
| CVE-2026-20253 | Splunk Enterprise | Splunk Enterprise Missing Authentication for Critical Function Vulnerability | 2026-06-18 | 2026-06-21 |
| CVE-2026-48907 | Widget Factory Joomla Content Editor | Widget Factory Joomla Content Editor Improper Access Control Vulnerability | 2026-06-16 | 2026-06-19 |
| CVE-2026-54420 | LiteSpeed cPanel Plugin | LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability | 2026-06-15 | 2026-06-18 |
| CVE-2026-20262 | Cisco Catalyst SD-WAN Manager | Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability | 2026-06-15 | 2026-06-29 |
| CVE-2026-35273 | Oracle PeopleSoft Enterprise PeopleTools | Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability RANSOMWARE | 2026-06-12 | 2026-06-15 |
| CVE-2026-10520 | Ivanti Sentry | Ivanti Sentry OS Command Injection Vulnerability | 2026-06-11 | 2026-06-14 |
| CVE-2026-11645 | Google Chromium V8 | Google Chromium V8 Out-of-Bounds Read and Write Vulnerability | 2026-06-09 | 2026-06-23 |
| CVE-2026-7473 | Arista Extensible Operating System | Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability | 2026-06-09 | 2026-06-23 |
| CVE-2026-20245 | Cisco Catalyst SD-WAN Manager | Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability | 2026-06-09 | 2026-06-23 |
| CVE-2026-42271 | BerriAI LiteLLM | BerriAI LiteLLM Command Injection Vulnerability | 2026-06-08 | 2026-06-22 |
| CVE-2026-50751 | Check Point Security Gateway | Check Point Security Gateway Improper Authentication Vulnerability RANSOMWARE | 2026-06-08 | 2026-06-11 |
| CVE-2026-28318 | SolarWinds Serv-U | SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability | 2026-06-05 | 2026-06-19 |
Remediation Due Within 14 Days
| CVE | Vendor / Product | Vulnerability | Added | Due |
|---|---|---|---|---|
| CVE-2026-45659 | Microsoft SharePoint Server | Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability | 2026-07-01 | 2026-07-04 |
Monthly Addition Logs
Data: official CISA KEV catalog. CVEs listed here are confirmed exploited in the wild — patch these first. Due dates are CISA BOD 22-01 deadlines for US federal agencies, and a strong prioritisation signal for everyone else.