Kaspersky: privately held vendor of internet security solutions for businesses and consumers
Products by Kaspersky Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 0 vulnerabilities in Kaspersky. Last year, in 2025, Kaspersky had 1 security vulnerability published. Right now, Kaspersky is on track to have fewer security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 6.10 |
| 2024 | 2 | 8.80 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 7.65 |
| 2021 | 3 | 6.93 |
| 2020 | 1 | 7.80 |
| 2019 | 9 | 5.37 |
| 2018 | 5 | 0.00 |
It may take a day or so for new Kaspersky vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Kaspersky Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2025-64984 | Nov 20, 2025 | Kaspersky Endpoint Security XSS via AV DBs <18.11.2025. Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux (any version with anti-virus databases prior to 18.11.2025), Kaspersky Industrial CyberSecurity for Linux Nodes (any version with anti-virus databases prior to 18.11.2025), and Kaspersky Endpoint Security for Mac (12.0.0.325, 12.1.0.553, and 12.2.0.694 with anti-virus databases prior to 18.11.2025) that could have allowed a reflected XSS attack to be carried out by an attacker using phishing techniques. | |
| CVE-2023-23349 | Mar 22, 2024 | Local User Can Dump Kaspersky Password Manager Chrome Extension Credentials. Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form of a website with the saved credentials, and the KPM extension must autofill these credentials. The attacker must then launch a malware module to steal those specific credentials. | |
| CVE-2024-1619 | Feb 29, 2024 | Kaspersky Security 8.0 Linux Mail Server: Clickthrough Exploit. Kaspersky has fixed a security issue in Kaspersky Security 8.0 for Linux Mail Server. An attacker could potentially force an administrator to click on a malicious link to perform unauthorized actions. | |
| CVE-2021-27223 | Apr 01, 2022 | A denial-of-service issue existed in one of the modules incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause a Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy @ ISPRAS. | And others... |
| CVE-2022-27534 | Apr 01, 2022 | Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies). | And others... |
| CVE-2021-35052 | Nov 23, 2021 | A component in Kaspersky Password Manager could allow an attacker to elevate a process integrity level from Medium to High. | |
| CVE-2020-27020 | May 14, 2021 | The password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, the time of password generation). | |
| CVE-2021-26718 | Apr 01, 2021 | KIS for macOS in some use cases was vulnerable to an AV bypass that potentially allowed an attacker to disable anti-virus protection. | |
| CVE-2020-28950 | Dec 04, 2020 | The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during the installation process. | |
| CVE-2019-15689 | Dec 02, 2019 | Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, and Kaspersky Security Cloud prior to version 2020 patch E have a bug that allows a local user to execute arbitrary code via execution of a compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass of some security products. | And others... |
| CVE-2019-15685 | Nov 26, 2019 | In Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker to remotely disable such product security features as private browsing and anti-banner. Bypass. | And others... |
| CVE-2019-15686 | Nov 26, 2019 | In Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker to remotely disable various anti-virus protection features. DoS, Bypass. | And others... |
| CVE-2019-15687 | Nov 26, 2019 | In Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (such as the Windows version, the product version, and the host unique ID). Information Disclosure. | And others... |
| CVE-2019-15688 | Nov 26, 2019 | In Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypass. | And others... |
| CVE-2019-15684 | Nov 25, 2019 | The Kaspersky Protection extension for the Google Chrome web browser prior to 30.112.62.0 was vulnerable to unauthorized remote access to its features, which could lead to the removal of other installed extensions. | |
| CVE-2019-8287 | Oct 29, 2019 | TightVNC code version 1.3.10 contains a global buffer overflow in the HandleCoRREBBP macro function, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. | |
| CVE-2019-8286 | Jul 18, 2019 | Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, and Kaspersky Total Security versions up to 2019 could potentially disclose the unique Product ID by forcing the victim to visit a specially crafted webpage (for example, via clicking a phishing link). The vulnerability has a CVSS v3.0 base score of 2.6. | And others... |
| CVE-2019-8285 | May 08, 2019 | Kaspersky Lab Antivirus Engine versions before 04.apr.2019 have a heap-based buffer overflow vulnerability that potentially allows arbitrary code execution. | |
| CVE-2018-6306 | Apr 19, 2018 | Unauthorized code execution from a specific DLL, known as a DLL Hijacking attack, in Kaspersky Password Manager versions before 8.0.6.538. | |
| CVE-2018-6291 | Feb 06, 2018 | WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1. | |
| CVE-2018-6290 | Feb 06, 2018 | Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1. | |
| CVE-2018-6289 | Feb 06, 2018 | Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1. | |
| CVE-2018-6288 | Feb 06, 2018 | Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1. | |
| CVE-2017-12817 | Aug 25, 2017 | In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted. | |
| CVE-2017-12816 | Aug 25, 2017 | In Kaspersky Internet Security for Android 11.12.4.1622, some of the application's exported activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality via Android IPC. | |
| CVE-2016-4304 | Jan 06, 2017 | A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native API call request can cause an access violation exception in the KLIF kernel driver, resulting in local denial of service. An attacker can run a program from user mode to trigger this vulnerability. | |
| CVE-2016-4305 | Jan 06, 2017 | A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native API call can cause an access violation in the KLIF kernel driver, resulting in local denial of service. An attacker can run a program from user mode to trigger this vulnerability. | |
| CVE-2016-4306 | Jan 06, 2017 | Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user mode to trigger this vulnerability. | |
| CVE-2016-4307 | Jan 06, 2017 | A denial of service vulnerability exists in the IOCTL handling functionality of the Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in the KL1 kernel driver, resulting in local system denial of service. An attacker can run a program from user mode to trigger this vulnerability. | |
| CVE-2016-4329 | Jan 06, 2017 | A local denial of service vulnerability exists in the window broadcast message handling functionality of Kaspersky Anti-Virus software. By sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass the KAV self-protection mechanism. | |
| CVE-2010-5163 | Aug 25, 2012 | Race condition in Kaspersky Internet Security 2010 9.0.0.736 on Windows XP allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute. | |