What is the ENISA EU Vulnerability Database Known Exploited Vulnerabilities list?

The ENISA EU Vulnerability Database (EUVD) Known Exploited Vulnerabilities (KEV) list is a focused collection of vulnerabilities that have been identified by the European Union Agency for Cybersecurity (ENISA) as actively exploited by cybercriminals. Maintained by ENISA, this list highlights high-risk vulnerabilities that pose real-world threats.

The Cyber Resilience Act (CRA) requires manufacturers in Europe to report all disclosed vulnerabilities to ENISA. As a result, the EUVD will continuously grow as new vulnerabilities are reported and published.

We strongly recommend that all organizations review and monitor the EUVD catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.