E
All feeds

CISA · Updated within hours of CISA publication

CISA Known Exploited Vulnerabilities

The vulnerabilities US federal agencies must patch — and you should too.

The CISA KEV catalog is the most actionable vulnerability feed in the industry. If a CVE is on KEV, it's being exploited in the real world right now. We mirror it the moment CISA updates, then enrich each entry with affected products, MITRE ATT&CK technique mappings, and which of your stack components match.

Records
CVEs with confirmed in-the-wild exploitation
Refresh cadence
Updated within hours of CISA publication
Source
CISA
License
Public domain · CISA
View source

Subscribe

Add this feed to your daily digest.

Subscriptions live in your browser profile until you connect a real account. Edit anytime from your profile.

/ More feeds

Browse the rest.

NIST · NVD
NVD CVE Stream
MITRE
MITRE ATT&CK & ATLAS Updates
GreyNoise (Community)
GreyNoise Trends
Abuse.ch
Abuse.ch · URLhaus + MalwareBazaar + ThreatFox
AT&T Cybersecurity · OTX
AlienVault OTX Pulses
CISA
CISA Cybersecurity Advisories
FIRST.org
FIRST EPSS — Exploit Prediction
Detect.Respond.Automate.Predict.Defend.Operate.Detect.Respond.Automate.Predict.Defend.Operate.Detect.Respond.Automate.Predict.Defend.Operate.Detect.Respond.Automate.Predict.Defend.Operate.
Detect.Respond.Automate.Predict.Defend.Operate.Detect.Respond.Automate.Predict.Defend.Operate.Detect.Respond.Automate.Predict.Defend.Operate.Detect.Respond.Automate.Predict.Defend.Operate.
WITONE — Innovate Securely

Ready to run on WIT OS?

Talk to the team about a managed deployment, a pilot, or a custom agent — we typically respond within an hour.

Talk to the teamWatch the cinematic tour