THE Known Exploited Vulnerabilities (KEV) Catalog maintained by CISA serves as a vital resource for the cybersecurity community, helping organizations manage and prioritize vulnerabilities. It specifically lists vulnerabilities that have been actively exploited in the wild, allowing network defenders to improve their defenses. An example entry is CVE-2009-3459, which details a heap-based buffer overflow vulnerability in Adobe Acrobat that could allow remote code execution via a specially crafted PDF.
The catalog is available in various formats including CSV and JSON, and organizations are encouraged to apply vendor mitigations and stay informed through updates.