For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains …

KEV Catalog (web) KEV Catalog (CSV) KEV Catalog (JSON) KEV Catalog (JSON schema) A detailed list of Known Exploited Vulnerabilities. Available as CSV and JSON files.

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains …

Nov 3, 2021 · Does CISA ever remove entries from the KEV catalog? CISA will only remove a vulnerability if the vendor’s security update for that vulnerability causes a significant …

Sep 18, 2023 · We’ve seen real positive change from the KEV and associated Binding Operational Directive. But we’re still in the first few laps of a long-distance race. Going forward, …

Jun 7, 2022 · CISA has updated the Known Exploited Vulnerabilities (KEV) catalog webpage as well as the FAQs for Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk …

Nov 3, 2021 · CISA issued BOD 22-01 to drive federal agencies to mitigate actively exploited vulnerabilities on their networks, sending a clear message to all organizations across the …

This page contains the mitigation instructions that correspond to the CISA KEV catalog entry CVE-2025-0282 – Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based …

Jan 8, 2025 · CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0282 Ivanti Connect Secure …

Jan 7, 2025 · The KEV Catalog, CPGs, and PRNI exemplify CISA’s commitment to fostering collaboration across public and private sectors. These initiatives have helped to reshape …