You are currently viewing Reducing the Significant Risk of Known Exploited Vulnerabilities

Reducing the Significant Risk of Known Exploited Vulnerabilities

CISA will update this catalog with additional exploited vulnerabilities as they become known, subject to an executive level CISA review and when they satisfy the following thresholds:

  • The vulnerability has an assigned Common Vulnerabilities and Exposures (CVE) ID.
  • There is reliable evidence that the vulnerability has been actively exploited in the wild.
  • There is a clear remediation action for the vulnerability, such as a vendor provided update.

More information https://www.cisa.gov/known-exploited-vulnerabilities-catalog