Introduction

VulnCheck Known Exploited Vulnerabilities (KEV) catalog makes it easy for enterprises, government agencies, and vendors, to know which vulnerabilities have been reported as exploited in the wild.

A Video Overview of VulnCheck KEV

What's included in VulnCheck KEV?

With the rapid growth and exploitation of vulnerabilities, speed and breadth of data remain the most valuable assets to vulnerability management first responders. Currently, VulnCheck tracks 1000's more (or 2x) vulnerabilities exploited in the wild than CISA, and alerts customers before missing exploits are added to the CISA KEV catalog an average of 27 days earlier. VulnCheck’s KEV catalog equips cybersecurity vendors and vulnerability management teams with faster, broader coverage in an efficient machine-readable dataset needed for detection, prioritization, and remediation.

More vulnerabilities

VulnCheck provides security teams with the largest real-time collection of known exploited vulnerabilities. The offering encompasses all vulnerabilities listed in the CISA KEV catalog, plus approximately 80% more reported as exploited in the wild.

Exploit references from VulnCheck XDB

VulnCheck’s catalog adds the much-needed context to CVEs. The catalog includes supplementary external links to exploit content available in VulnCheck XDB, referencing publicly-available exploit proof of concept code where possible. This intelligence arms engineers with the information needed to build better detections and get them in the hands of defenders faster.

References on why we believe it's exploited in the wild

VulnCheck provides citations for each and every CVE, so security teams have a clearer picture of why the vulnerability is on the list. When threat actors, ransomware groups, or botnets are involved in the vulnerability exploitation, VulnCheck cites evidence.