CVE.ICU
KEV Analysis
CISA Known Exploited Vulnerabilities Catalog - Actively exploited CVEs
-
Total KEV CVEs
All time
-
Added Last 30 Days
Recent additions
-
Added Last 90 Days
Quarter trend
-
Ransomware Associated
Known campaign use
KEV Additions Timeline
Monthly additions to the KEV catalogTop Vendors
By KEV CVE countLoading...
KEV by CVE Publication Year
When were exploited CVEs originally published?Top CWEs in KEV
Most common weakness types being exploitedRecent KEV Additions
Latest vulnerabilities added to the catalog| CVE ID | Vendor / Product | Date Added | Due Date | Ransomware |
|---|---|---|---|---|
| Loading... | ||||
Top Vendor/Products
Products with the most exploited vulnerabilitiesAbout CISA KEV
The Known Exploited Vulnerabilities (KEV) Catalog is maintained by CISA (Cybersecurity and Infrastructure Security Agency) and contains vulnerabilities that have been confirmed to be actively exploited in the wild.
- Authority: U.S. federal agencies are required to remediate KEV vulnerabilities within specified timeframes (BOD 22-01)
- Criteria: CVE must have assigned CVE ID, evidence of active exploitation, and clear remediation guidance
- Source: CISA KEV Catalog
If a vulnerability is in KEV, it should be treated as high priority regardless of its CVSS or EPSS scores.