<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/kev-catalogs/feed</id>
  <title>Aggregated Known Exploited Vulnerabilities Catalogs</title>
  <updated>2026-07-06T01:17:31.409742+00:00</updated>
  <author>
    <name>gna-1</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu/kev-catalogs" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Aggregated feed of KEV entries across all catalogs explorable via this instance, conforming to GCVE BCP-07. Contains the most recent 20 entries.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9b8a9680-6913-4e1f-9308-d3136d97e4b7</id>
    <title>[Shadowserver] EDB-44760 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:26.830621+00:00</updated>
    <content>&lt;h3&gt;EDB-44760&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: D-Link / D-Link DSL-2750B | Class: router | IoT: yes | In CISA KEV: no | Honeypot connections on 2026-07-04: 41&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/EDB-44760"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/332c2162-0965-4adc-8f82-ae8b34fa430f</id>
    <title>[Shadowserver] CVE-2021-46381 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:23.188933+00:00</updated>
    <content>&lt;h3&gt;CVE-2021-46381&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 75&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-15&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-15&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: D-Link / D-Link DAP-1620 | Class: wireless-extender | Severity: High (CVSS 7.5) | IoT: yes | In CISA KEV: no | Honeypot connections on 2026-07-04: 18&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2021-46381"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4e8a2bcd-1ac2-406f-9e43-69780fe9e616</id>
    <title>[Shadowserver] CVE-2018-7600 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:31.822744+00:00</updated>
    <content>&lt;h3&gt;CVE-2018-7600&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Drupal / Drupal | Class: cms | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 181&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2018-7600"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/76e94921-1d0e-4baa-aaa3-c191c81646fd</id>
    <title>[Shadowserver] CVE-2024-45195 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:27.154308+00:00</updated>
    <content>&lt;h3&gt;CVE-2024-45195&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 75&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2024-12-05&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2024-12-05&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Apache / OFBiz | Class: other-software | Severity: High (CVSS 7.5) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 5&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2024-45195"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5055a1c0-ab68-4ec6-b604-d4b5d78de64d</id>
    <title>[Shadowserver] CVE-2025-0107 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:25.130613+00:00</updated>
    <content>&lt;h3&gt;CVE-2025-0107&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 77&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2026-01-15&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2026-01-15&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Palo Alto Networks / Palo Alto Networks Expedition | Class: other-software | Severity: High (CVSS 7.7) | IoT: no | In CISA KEV: no | Honeypot connections on 2026-07-04: 5&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2025-0107"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/98fc5750-1fad-4e9f-b7ce-2b87a0bde698</id>
    <title>[Shadowserver] CVE-2020-16846 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:37.561062+00:00</updated>
    <content>&lt;h3&gt;CVE-2020-16846&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: SaltStack / Salt | Class: other-software | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 50&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2020-16846"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2adee1b8-90e1-42a2-b135-815ff058b471</id>
    <title>[Shadowserver] CVE-2019-5434 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:10.048732+00:00</updated>
    <content>&lt;h3&gt;CVE-2019-5434&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2026-03-09&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2026-03-09&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Revive / Revive Adserver | Class: other-software | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: no | Honeypot connections on 2026-07-04: 29&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2019-5434"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9d527e7e-af6c-4b38-96b1-35e0e2107215</id>
    <title>[Shadowserver] CVE-2018-10562 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:22.671158+00:00</updated>
    <content>&lt;h3&gt;CVE-2018-10562&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Dasan / Dasan GPON Home Router | Class: router | Severity: Critical (CVSS 9.8) | IoT: yes | In CISA KEV: yes | Honeypot connections on 2026-07-04: 308&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2018-10562"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fdcbcb01-f1bf-4709-adbb-a1890873fa0c</id>
    <title>[Shadowserver] CVE-2020-10173 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:10.808413+00:00</updated>
    <content>&lt;h3&gt;CVE-2020-10173&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 88&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2024-03-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2024-03-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Comtrend / Comtrend VR-3033 | Class: router | Severity: High (CVSS 8.8) | IoT: yes | In CISA KEV: no | Honeypot connections on 2026-07-04: 3&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2020-10173"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d2ea7cfe-4dc7-456f-b6c7-1250526dcd3c</id>
    <title>[Shadowserver] CVE-2019-5129 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:06.030565+00:00</updated>
    <content>&lt;h3&gt;CVE-2019-5129&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: YouPHPTube / YouPHPTube Encoder | Class: other-software | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: no | Honeypot connections on 2026-07-04: 48&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2019-5129"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ffa60d6c-624a-4e3c-bb75-50324e4bbe11</id>
    <title>[Shadowserver] CVE-2020-17496 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:27.599824+00:00</updated>
    <content>&lt;h3&gt;CVE-2020-17496&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: vBulletin / vBulletin | Class: cms | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 265&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2020-17496"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/929c0d80-34e5-4a6d-9986-b1e2d37eaa30</id>
    <title>[Shadowserver] EDB-28713 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:52.152122+00:00</updated>
    <content>&lt;h3&gt;EDB-28713&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: RedHat / JBoss | Class: app-server | IoT: no | In CISA KEV: no | Honeypot connections on 2026-07-04: 27&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/EDB-28713"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fae84844-4b6a-403c-900d-eb6e4270dc97</id>
    <title>[Shadowserver] CVE-2020-36728 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:05.515667+00:00</updated>
    <content>&lt;h3&gt;CVE-2020-36728&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2025-11-18&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2025-11-18&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Wordpress / Wordpress Adning Advertising plugin | Class: cms | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: no | Honeypot connections on 2026-07-04: 32&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2020-36728"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0018b237-9cfb-4884-97b1-fa556aa5c174</id>
    <title>[Shadowserver] CVE-2024-3721 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:02:12.565122+00:00</updated>
    <content>&lt;h3&gt;CVE-2024-3721&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 0&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2024-04-21&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2024-04-21&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: TBK / TBK DVR-4104/DVR-4216 | Class: video-system | Severity: None (CVSS 0) | IoT: yes | In CISA KEV: no | Honeypot connections on 2026-07-04: 29&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2024-3721"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/42715fd5-45a8-42a5-a69c-8ad5df98d0eb</id>
    <title>[Shadowserver] CVE-2017-9805 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:34.344574+00:00</updated>
    <content>&lt;h3&gt;CVE-2017-9805&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 81&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Apache / Struts | Class: web-app-framework | Severity: High (CVSS 8.1) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 542&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2017-9805"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d476cd36-d898-40a8-bd86-2bde23544df5</id>
    <title>[Shadowserver] CVE-2022-47966 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:02:09.132563+00:00</updated>
    <content>&lt;h3&gt;CVE-2022-47966&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Zoho / ManageEngine (multiple products) | Class: other-software | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 7&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2022-47966"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b4990e5b-9974-4a69-b1c7-8ed63f2d7faf</id>
    <title>[Shadowserver] CVE-2020-8515 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:50.887904+00:00</updated>
    <content>&lt;h3&gt;CVE-2020-8515&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-14&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Draytek / Draytek Vigor2960, Vigor3900, Vigor300B | Class: router | Severity: Critical (CVSS 9.8) | IoT: yes | In CISA KEV: yes | Honeypot connections on 2026-07-04: 26&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2020-8515"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fc454d6d-3bc8-4d70-a0c1-beffd8e4ea79</id>
    <title>[Shadowserver] CVE-2019-9874 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:01:00.289163+00:00</updated>
    <content>&lt;h3&gt;CVE-2019-9874&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 75&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2026-03-09&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2026-03-09&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Citrix / Citrix StoreFront Server | Class: other-software | Severity: High (CVSS 7.5) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 17&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2019-9874"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3c5cb1fe-992f-4097-82a4-c417f56d374c</id>
    <title>[Shadowserver] CVE-2024-36401 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:40.774102+00:00</updated>
    <content>&lt;h3&gt;CVE-2024-36401&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2024-07-28&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2024-07-28&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Geoserver / Geoserver | Class: other-software | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 1709&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2024-36401"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8869ce58-688c-482a-b5eb-0691c4cf47b6</id>
    <title>[Shadowserver] CVE-2022-26134 - Confirmed Exploitation</title>
    <updated>2026-07-06T01:00:34.194409+00:00</updated>
    <content>&lt;h3&gt;CVE-2022-26134&lt;/h3&gt;
&lt;p&gt;&lt;strong&gt;Catalog:&lt;/strong&gt; Shadowserver&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status:&lt;/strong&gt; Confirmed&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Exploited:&lt;/strong&gt; Yes&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Status Updated:&lt;/strong&gt; 2026-07-04 00:00 UTC&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Characteristics:&lt;/strong&gt; Severity: 98&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Evidence Sources:&lt;/strong&gt; 1&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;First Seen:&lt;/strong&gt; 2023-10-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Asserted:&lt;/strong&gt; 2023-10-13&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Scope Notes:&lt;/strong&gt; Affected: Atlassian / Confluence | Class: other-software | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: yes | Honeypot connections on 2026-07-04: 61&lt;/p&gt;</content>
    <link href="https://vulnerability.circl.lu/vuln/CVE-2022-26134"/>
    <published>2026-07-04T00:00:00+00:00</published>
  </entry>
</feed>
