What is CISA's Known Exploited Vulnerabilities (KEV) catalog?

CISA's Known Exploited Vulnerabilities (KEV) catalog is a compilation of documented security vulnerabilities that have been successfully exploited, as well as vulnerabilities associated with ransomware campaigns.

We strongly recommend that all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.

Holm Security uses CISA's KEV catalog as one of the sources of information about exploited vulnerabilities and those known to be used in ransomware campaigns.