CISA Known Exploited Vulnerabilities (KEV)¶
This section captures durable, actionable guidance triggered by noteworthy additions to CISA’s Known Exploited Vulnerabilities catalog.
How to use this¶
- Treat KEV entries as “move now” signals.
- Focus on:
- internet-exposed assets
- identity / edge products
- unauthenticated RCE / auth bypass classes
- For each alert page, follow the triage → mitigation → hunt flow.
Feed¶
- Official KEV JSON feed: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json