https://github.com/cryptogennepal/cve-kev-rss

CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild and CryptoGen Nepal aims to simplify this for the general public in a more understandable way as well as in a format that can be easily integrated into their threat intelligence systems.
https://github.com/cryptogennepal/cve-kev-rss

cgn cisa cve json kev rss

Last synced: 12 months ago
JSON representation

CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild and CryptoGen Nepal aims to simplify this for the general public in a more understandable way as well as in a format that can be easily integrated into their threat intelligence systems.

• Host: GitHub
• URL: https://github.com/cryptogennepal/cve-kev-rss
• Owner: CryptoGenNepal
• License: mit
• Created: 2025-02-16T17:21:09.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-06-20T16:12:11.000Z (12 months ago)
• Last Synced: 2025-06-21T22:02:47.656Z (12 months ago)
• Topics: cgn, cisa, cve, json, kev, rss
• Language: Python
• Homepage: https://kevfeed.vercel.app
• Size: 894 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
![OGImage](output/og.png)

# 🔥 CISA Known Exploited Vulnerabilities

This repository provides an up-to-date JSON and RSS feed of the Known Exploited Vulnerabilities (KEV) catalog maintained by CISA.

## 📢 Latest Updates

🕒 **Last Updated:** 2025-02-17 10:54:29 UTC  

🕕 **Kathmandu Time:** 2025-02-17 16:39:29 NPT

### 🚨 Newly Identified or Updated Vulnerabilities with Known Exploits (KEV)

| CVE ID | Vulnerability Name | Description |

|--------|-------------------|-------------|

| [CVE-2024-57727](https://nvd.nist.gov/vuln/detail/CVE-2024-57727) | SimpleHelp Path Traversal Vulnerability | SimpleHelp remote support software contains multiple path traversal vulnerabilities that allow unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files may include server configuration files and hashed user passwords. |

| [CVE-2025-24200](https://nvd.nist.gov/vuln/detail/CVE-2025-24200) | Apple iOS and iPadOS Incorrect Authorization Vulnerability | Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device. |

| [CVE-2024-41710](https://nvd.nist.gov/vuln/detail/CVE-2024-41710) | Mitel SIP Phones Argument Injection Vulnerability | Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary commands within the context of the system. |

| [CVE-2024-40891](https://nvd.nist.gov/vuln/detail/CVE-2024-40891) | Zyxel DSL CPE OS Command Injection Vulnerability | Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet. |

| [CVE-2024-40890](https://nvd.nist.gov/vuln/detail/CVE-2024-40890) | Zyxel DSL CPE OS Command Injection Vulnerability | Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the CGI program that could allow an authenticated attacker to execute OS commands via a crafted HTTP request. |

| [CVE-2025-21418](https://nvd.nist.gov/vuln/detail/CVE-2025-21418) | Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability | Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. |

| [CVE-2025-21391](https://nvd.nist.gov/vuln/detail/CVE-2025-21391) | Microsoft Windows Storage Link Following Vulnerability | Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable. |

| [CVE-2025-0994](https://nvd.nist.gov/vuln/detail/CVE-2025-0994) | Trimble Cityworks Deserialization Vulnerability | Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server. |

| [CVE-2020-15069](https://nvd.nist.gov/vuln/detail/CVE-2020-15069) | Sophos XG Firewall Buffer Overflow Vulnerability | Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature. |

| [CVE-2020-29574](https://nvd.nist.gov/vuln/detail/CVE-2020-29574) | CyberoamOS (CROS) SQL Injection Vulnerability | CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely. |

## 📂 How to Use

### 🔗 JSON Feed

- URL: [CISA KEV JSON Feed](https://kevfeed.vercel.app/CISA-KEV.json)

- This feed follows the [JSON Feed format](https://jsonfeed.org/version/1).

### 🔗 RSS Feed

- URL: [CISA KEV RSS Feed](https://kevfeed.vercel.app/CISA-KEV.xml)

- This RSS feed is useful for integrating with **FreshRSS**, **RSS readers**, and **automation tools**.

## 🤝 Contributing

If you find any issues or have suggestions, feel free to open an issue or submit a pull request.