For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative …

A list of Known Exploited Vulnerabilities.

Mar 3, 2026 · CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

Mar 20, 2026 · Laravel Livewire Code Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding …

Learn about the importance of CISA's Known Exploited Vulnerability (KEV) catalog and how to use it to help build a collective resilience across the cybersecurity community.

Sep 18, 2023 · The KEV should be easy to use – ideally incorporated into tools already being used to prioritize vulnerability management. Federal agencies are able to see their open KEVs in their …

Jan 7, 2025 · The KEV Catalog, CPGs, and PRNI exemplify CISA’s commitment to fostering collaboration across public and private sectors. These initiatives have helped to reshape …

Feb 10, 2026 · Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common …

Mar 5, 2026 · CISA

Dec 9, 2025 · CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-55182 Meta React Server Components …