IsItPatched — Is your software version safe? Free CVE & end-of-life checker<br>Skip to content Is ItPatched ? Feed live<br>Feeds Roadmap Feedback Privacy<br>isitpatched.com · Security report Data as of Sat, 13 Jun 2026 17:02:08 UTC<br>Is your software version safe? Find the minimum version you should be running.<br>Check → Name, name + version, or paste the output of nginx -v or php -v
290<br>Products tracked iThe software products IsItPatched monitors — 290 today, expanding over time.
160<br>Products being exploited iTracked products with at least one vulnerability in CISA's Known Exploited Vulnerabilities (KEV) catalog — being exploited in the wild right now.
Nothing new today iNew CVEs added to CISA's exploited list today (UTC) affecting tracked products. Resets at midnight UTC.
986<br>CVEs actively exploited iTotal vulnerabilities across tracked products currently on CISA's KEV list. Tap to see them all.
Upcoming end-of-life iTracked product release cycles reaching end-of-life soon — after these dates they no longer receive security patches.<br>Releases reaching end-of-life soon — soonest first.<br>Jun17'26 Drupal cycle 11.2 · in Jun17'26 Drupal cycle 10.5 · in Jun18'26 GitLab cycle 18.10 · in Jun23'26 Grafana cycle 12.2 · in Jun25'26 Grafana cycle 11.6 · in Jun28'26 Kubernetes cycle 1.33 · in Jun30'26 Spring Framework cycle 6.2 · in 1mo Jul1'26 F5 BIG-IP cycle 16.1 · in 1mo Jul1'26 Ubuntu cycle 25.10 · in 1mo Jul6'26 MariaDB cycle 10.6 · in 1mo<br>View the full end-of-life calendar →<br>Needs attention iScore 0–100. Starts at 100, minus points per open Critical / High / Medium CVE. Capped at 20 if actively exploited (in CISA KEV), and 40 if the version is end-of-life. Higher = safer.<br>The most at-risk tracked products, worst first.<br>Healthy / Good: 85Attention: 13High risk / Critical: 191Unknown: 1 205 of 290 need attention<br>Cisco ASA Cisco · all versions<br>0/100<br>Critical · exploited Fortinet FortiOS Fortinet · all versions<br>0/100<br>Critical · exploited Palo Alto PAN-OS Palo Alto Networks · all versions<br>0/100<br>Critical · exploited Ivanti Connect Secure Ivanti · all versions<br>0/100<br>Critical · exploited SonicWall SonicOS SonicWall · all versions<br>0/100<br>Critical · exploited Oracle WebLogic Oracle · all versions<br>0/100<br>Critical · exploited View & search all 290 products →<br>Live exploitation radar iThe most recently published vulnerabilities being actively exploited in the wild (CISA KEV), affecting products we track.<br>Actively-exploited CVEs across tracked products — newest first.<br>CVE-2026-35273 · PeopleSoft Enterprise PeopleTools CVE-2026-10520 · Sentry CVE-2026-50751 · Check Point Gaia CVE-2026-7473 · EOS CVE-2026-20245 · Catalyst SD-WAN Manager CVE-2026-48027 · Nx Console<br>CVE-2026-35273 PeopleSoft Enterprise PeopleTools<br>EPSS 22% exploited CVE-2026-10520 Sentry<br>EPSS 43% exploited CVE-2026-50751 Check Point Gaia<br>EPSS 12% exploited CVE-2026-7473 EOS<br>EPSS 27% exploited CVE-2026-20245 Catalyst SD-WAN Manager<br>EPSS 0% exploited CVE-2026-48027 Nx Console<br>EPSS 32% exploited View all 986 actively-exploited CVEs →
CVE disclosure trend iNew CVEs published across tracked products, by month — last 12 months. A volume signal, not a verdict.<br>3,528 CVEs disclosed across tracked products in the last 12 months.<br>Jul 2025: 366 CVEs disclosedAug 2025: 196 CVEs disclosedSept 2025: 168 CVEs disclosedOct 2025: 333 CVEs disclosedNov 2025: 134 CVEs disclosedDec 2025: 236 CVEs disclosedJan 2026: 296 CVEs disclosedFeb 2026: 321 CVEs disclosedMar 2026: 309 CVEs disclosedApr 2026: 469 CVEs disclosedMay 2026: 439 CVEs disclosedJun 2026: 261 CVEs disclosed JulAugSeptOctNovDecJanFebMarAprMayJun
Security overview<br>IsItPatched tracks 290 widely-used software products — web servers, databases, CMS platforms, frameworks and infrastructure — and checks every version against known vulnerabilities (NVD), active exploitation (CISA KEV), exploitation probability (EPSS) and end-of-life dates. Right now 160 tracked products are affected by vulnerabilities under active exploitation, and the average health score across the catalogue is 37/100. The products needing attention most urgently include Cisco ASA, Fortinet FortiOS, Palo Alto PAN-OS. The next release to reach end-of-life is Drupal (cycle 11.2) on 2026-06-17. For any product, IsItPatched shows the minimum safe version you should upgrade to.
What the statuses mean<br>Healthy / GoodOn the latest supported version — no, or only minor, known issues.<br>AttentionHas open vulnerabilities worth patching soon.<br>High risk / CriticalSerious open vulnerabilities (high CVSS severity). A fix almost always exists — upgrade to the recommended version.<br>Critical · exploitedSerious vulnerabilities being actively exploited right now (in CISA's KEV list). Patch urgently.<br>End of lifeNo longer receives security patches — this is the true "no-fix" case. Move to a supported version.
Missing a product or a feature?<br>Tell us what you'd like IsItPatched to track or build next — we read every message.
Send feedback →<br>986 CVEs actively exploited © 2026 IsItPatched...