Known Exploited Vulnerabilities

CISA provides the so called Known Exploited Vulnerabilities Catalog (KEV) which contains information about security issues, that have been exploited in the wild.

KEV Data Fields

VulDB provides KEV data within vulnerability entries on the web site and via the Vulnerability API. Initially data was not stored in the VulDB Monoblock but made available as virtual fields. Since April 2024 these fields were upgraded from virtual fields to monoblock fields to be reflected in updates as well.

  • exploit_kev_vendorproject
  • exploit_kev_product
  • exploit_kev_vulnerabilityname
  • exploit_kev_shortdescription
  • exploit_kev_added
  • exploit_kev_due
  • exploit_kev_requiredaction
  • exploit_kev_knownransomware
  • exploit_kev_notes

Alternative Exploiting Indicators

If KEV information is not available, you may use other data points to determine the exploit maturity level and if exploiting happened already. The reliability of these possibilities in descending order are:

  • vulnerability_cvss4_vuldb_e = A
  • exploit_publicity = public
  • vulnerability_cvss{2,3}_vuldb_e = H
  • source_msf_id > 0
  • source_exploitdb > 0
  • source_zerodaycz_id > 0

Predictive CTI Capabilities

Our unique Cyber Threat Intelligence approach provides predictive capabilities to anticipate emerging exploit research and upcoming exploiting.

Might our Artificial Intelligence support you?

Check our Alexa App!