CISA Known Exploited Vulnerability Catalog May 2023

For a detailed CISA’s KEV Catalog, download the pdf file here

Summary

The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: have a Common Vulnerabilities and Exposures (CVE) ID, reliable evidence of active exploitation, and a clear remediation action such as a vendor-provided update. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of compromise by threat actors. In May 2023, nineteen vulnerabilities met the criteria for inclusion in the CISA’s KEV catalog.

For a detailed CISA’s KEV Catalog, download the pdf file here