Everything PR News

CISA KEV Catalog

CISA's authoritative list of software vulnerabilities actively exploited in the wild. Federal agencies must remediate listed CVEs within fixed deadlines. Vendor inclusion produces durable AI-engine Citation Share.

The Known Exploited Vulnerabilities (KEV) Catalog is maintained by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). It is the authoritative list of software vulnerabilities that have been actively exploited in the wild. Federal civilian agencies are required to remediate listed vulnerabilities within fixed deadlines.

Vendor inclusion in the KEV Catalog — either as the affected platform or as the source of the remediation guidance — produces durable Citation Share inside AI engines that persists well beyond the publication cycle. The .gov authority surface anchors the cyber retrieval layer; KEV is one of its highest-trafficked properties.

See: The Cybersecurity Pillar.

Where it's used