
Known Exploited Vulnerabilities Catalog - CISA
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization …
The KEV Catalog - CISA
KEV Catalog (web), KEV Catalog (CSV), KEV Catalog (JSON), KEV Catalog (JSON schema). A detailed list of Known Exploited Vulnerabilities. Available as CSV and JSON files.
Reducing the Significant Risk of Known Exploited Vulnerabilities
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild: the Known Exploited Vulnerability (KEV) catalog. CISA strongly recommends all ...
KEV Catalog Reaches 1000, What Does That Mean and What Have …
We’ve seen real positive change from the KEV and associated Binding Operational Directive. But we’re still in the first few laps of a long-distance race. Going forward, we’re focused on a few areas of advancement: The KEV should be easy to use – ideally incorporated into tools already being used to prioritize vulnerability management.
BOD 22-01: Reducing the Significant Risk of Known Exploited
Nov 3, 2021 · Does CISA ever remove entries from the KEV catalog? CISA will only remove a vulnerability if the vendor’s security update for that vulnerability causes a significant unforeseen issue with greater impact than the vulnerability itself. Once the vendor resolves the issue, the vulnerability will be restored to the catalog.
CISA Releases Directive on Reducing the Significant Risk of Known ...
Nov 3, 2021 · CISA issued BOD 22-01 to drive federal agencies to mitigate actively exploited vulnerabilities on their networks, sending a clear message to all organizations across the country to focus patching on the subset of vulnerabilities that are causing harm now, and enable CISA to drive continuous prioritization of vulnerabilities based on our ...
CISA Mitigation Instructions for CVE-2025-0282
Mar 28, 2025 · For more information on RESURGE, see MAR-25993211.R1.V1.CLEAR and CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure. This page contains the mitigation instructions that correspond to the CISA KEV catalog entry CVE-2025-0282 – Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack …
CISA Adds One Vulnerability to the KEV Catalog
Jan 8, 2025 · CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0282 Ivanti Connect Secure Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Ransomware Vulnerability Warning Pilot updates: Now a One-stop …
Oct 12, 2023 · While we encourage all organizations to take action today to reduce their risk to ransomware by reviewing the revised KEV catalog and list of misconfigurations and weaknesses, CISA continues work to shift the responsibility of secure software from the customer to software manufacturers and make products Secure by Design.
Key Cyber Initiatives from CISA: KEV Catalog, CPGs, and PRNI
Jan 7, 2025 · The KEV Catalog, CPGs, and PRNI exemplify CISA’s commitment to fostering collaboration across public and private sectors. These initiatives have helped to reshape cybersecurity by prioritizing proactive defense, measurable outcomes, and …