Critical Threat Feed

Showing vulnerabilities with a CRITICAL rating or those confirmed to be actively exploited by CISA.

CVSS 9.3

CVE-2025-29814

Target: Microsoft Partner Center
CVSS 7

CVE-2025-26633

Actively Exploited

Target: Microsoft Management Console
CVSS 7.8

CVE-2025-24993

Actively Exploited

Target: Windows - NTFS
CVSS 7.8

CVE-2025-24985

Actively Exploited

Target: Windows - Fast FAT Driver
CVSS 7

CVE-2025-24983

Actively Exploited

Target: Windows - Win32 Kernel Subsystem
CVSS 9.8

CVE-2025-27816

Target: InfoScale - Plugin_Host
CVSS 7.8

CVE-2025-21418

Actively Exploited

Target: Windows - Ancillary Function Driver for WinSock
CVSS 7.1

CVE-2025-21391

Actively Exploited

Target: Windows - Storage
CVSS 9

CVE-2025-21198

Target: Microsoft HPC Pack
CVSS 8.8

CVE-2025-0994

Actively Exploited

Target: Cityworks - Web Server
CVSS 9.1

CVE-2025-0502

Target: CrafterCMS Engine
CVSS 7.8

CVE-2025-21335

Actively Exploited

Target: Windows - Hyper-V NT Kernel Integration
CVSS 7.8

CVE-2025-21334

Actively Exploited

Target: Windows - Hyper-V NT Kernel Integration
CVSS 7.8

CVE-2025-21333

Actively Exploited

Target: Windows Hyper-V - NT Kernel Integration VSP
CVSS 9.8

CVE-2025-21311

Target: Windows - NTLM
CVSS 9.8

CVE-2025-21307

Target: Windows - Reliable Multicast Transport Driver (RMCAST)
CVSS 9.1

CVE-2025-1111

Target: Microsoft Exchange Server - Exchange
CVSS 9.8

CVE-2025-21298

Target: Windows - OLE