Vulncheck Kev


Frequently Asked Questions about working with and integrating with VulnCheck KEV.

Below are some questions that sometimes come up when folks first learn about VulnCheck KEV.

Frequently Asked Questions

What is VulnCheck Known Exploited Vulnerabilities (KEV) catalog?

VulnCheck Known Exploited Vulnerabilities (KEV) catalog is a free offering that provides security teams and detection engineers with advanced intelligence on vulnerabilities being actively exploited in the wild so they can better manage threats, solve the prioritization challenge and outpace adversaries.

VulnCheck KEV was designed to expand on CISA KEV’s foundation:

  • Earlier Visibility into Known Exploited Vulnerabilities (currently, an average of 27 days earlier than CISA KEV)
  • Broader Visibility into Exploited Vulnerabilities not listed on CISA KEV (currently, 80% more vulnerabilities than CISA KEV)
  • Evidence Supported (why the vulnerability is marked as exploited in the wild)

How do I gain access to VulnCheck KEV?

Signup for a free VulnCheck Community account on

How much does VulnCheck KEV cost?

It's free! We only ask for prominent attribution to VulnCheck.

I discovered an exploited vulnerability that is not on VulnCheck KEV, how can I get the vulnerability added to VulnCheck KEV?

Send us a note with supporting details at

Our goal is to provide real legitimate sources for known exploited vulnerabilities, however, over time the original content might have been removed or moved due for a multitude of reasons such as acquisition, divestiture, or a website migration. Because of this, we suggest using the Internet Archive to look up older dead links around their date of publish. Also, if you stumble upon a dead link, let us know via and we'll do our best to get a working replacement.

How does the VulnCheck KEV from VulnCheck differ from VulnCheck's Exploit & Vulnerability Intelligence product?

VulnCheck KEV represents less than one-tenth of 1% of our commercially-available Exploit & Vulnerability Intelligence product.

Below are some of the features of VulnCheck Exploit & Vulnerability Intelligence, which are not included in VulnCheck KEV:

  • Exploit Intelligence
    • Exploitation timeline
    • Exploit maturity
    • Exploit availability
    • Commercial exploit PoC tracking
    • Exploit type
    • Git clone URLs
    • Git history
    • Cached exploit PoCs
    • Exploited by Threat Actors / APT
    • Exploited by Ransomware groups
    • Exploited by Botnets
    • Threat Actors / APT <-> CVE mapping
    • Ransomware groups <-> CVE mapping
    • Botnets <-> CVE mapping
    • Threat Actors / APT <-> Cybersecurity Vendor naming scheme
    • Offline backups of all Exploit Intelligence data
    • SLA: Uptime guarantees
  • Vulnerability Intelligence
    • Average of 10x as many references
    • Vulnerability Status
    • Vulnerability Alias
    • CVSS v2 Temporal Scores
    • CVSS v3 Temporal Scores
    • MITRE ATT&CK mapping
    • MITRE CAPEC mapping
    • Additional CWE mapping
    • Additional CWE data
    • Vulnerability categorization
    • Foreign vulnerability data sources
    • Package URL lookup support
    • Operating System (OS) package manager coverage
    • Open Source Software (OSS) library package manager coverage
    • End-of-Life (EOL) coverage for Operating Systems (OS)
    • Offline backups of all Vulnerability Intelligence data
    • SLA: Uptime guarantees