CISA Known Exploited Vulnerabilities Catalog
cisa-kev · HIGH · active
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Authoritative for actively-exploited vulns with federal remediation deadlines. WebFetch is reliably HTTP 403 on this host (transport-side block on the routine UA, ongoing since 2026-05-06; re-confirmed 2026-05-08). REQUIRED FETCH METHOD for both main agent AND every sub-agent: `python3 tools/fetch_source.py cisa-kev` returns the full KEV JSON catalog. Do NOT call WebFetch on cisa.gov; treat the 403 as a transport block — it never demotes the source. | 2026-06-20 full audit (v2.62): live=Y, drill=Y. FETCH → api: python3 tools/fetch_source.py cisa-kev (full KEV JSON catalog, each entry is a drillable CVE record). AVOID: Do NOT WebFetch cisa.gov — reliably 403s the routine UA. The api subcommand is the only supported path..
Cited in 12 briefs
Citation cadence
Brief appearances per ISO week (7 weeks of coverage span, total 10).
- CTI Weekly Summary — 2026-W25 (Jun 15 – Jun 21, 2026)2026-W25
- CTI Weekly Summary — 2026-W21 (May 18 – May 24, 2026)2026-W21
- CTI Daily Brief — 2026-06-202026-06-20
- CTI Daily Brief — 2026-06-182026-06-18
- CTI Daily Brief — 2026-06-172026-06-17
- CTI Daily Brief — 2026-06-162026-06-16
- CTI Daily Brief — 2026-06-032026-06-03
- CTI Daily Brief — 2026-05-292026-05-29
- CTI Daily Brief — 2026-05-282026-05-28
- CTI Daily Brief — 2026-05-222026-05-22
- CTI Daily Brief — 2026-05-172026-05-17
- CTI Daily Brief — 2026-05-092026-05-09