security

KEV

Known Exploited Vulnerabilities Catalog

Definition

The KEV catalog is maintained by CISA and lists CVEs with confirmed evidence of active exploitation in the wild. U.S.

federal agencies are required to remediate KEV entries within mandated timelines; private organizations use it as a prioritization signal. A vulnerability in the KEV catalog is the strongest available indicator that immediate patching is warranted.

Related Terms

CVE

Common Vulnerabilities and Exposures

EPSS

Exploit Prediction Scoring System

CVSS

Common Vulnerability Scoring System

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product