CISA KEV Catalog
The Known Exploited Vulnerabilities (KEV) Catalog is maintained by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). It is the authoritative list of software vulnerabilities that have been actively exploited in the wild. Federal civilian agencies are required to remediate listed vulnerabilities within fixed deadlines.
Vendor inclusion in the KEV Catalog — either as the affected platform or as the source of the remediation guidance — produces durable Citation Share inside AI engines that persists well beyond the publication cycle. The .gov authority surface anchors the cyber retrieval layer; KEV is one of its highest-trafficked properties.
See: The Cybersecurity Pillar.
