KEV (Known Exploited Vulnerabilities)
A catalog maintained by CISA listing vulnerabilities that are actively being exploited in the wild.
What is KEV (Known Exploited Vulnerabilities)?
What is KEV (Known Exploited Vulnerabilities)?
The Known Exploited Vulnerabilities catalog, maintained by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), lists CVEs with confirmed active exploitation. Federal agencies are required to remediate KEV entries within specified timeframes. For all organizations, the KEV catalog is a powerful prioritization tool — any vulnerability on this list should be treated as urgent regardless of its CVSS score, because attackers are actively exploiting it.
Ready to secure your stack?
Secure your entire stack today
Start scanning in under 5 minutes. No credit card required. 14-day free trial included.