THE Known Exploited Vulnerabilities (KEV) Catalog is maintained by CISA to aid cybersecurity professionals in managing and prioritizing vulnerabilities that have been actively exploited. The catalog serves as a resource for organizations to enhance their vulnerability management strategies. It includes detailed information on specific vulnerabilities, such as CVE-2026-9082, a SQL injection vulnerability in Drupal Core that could lead to privilege escalation and remote code execution.
The catalog is accessible in multiple formats (CSV, JSON) and includes a section for user submissions of additional vulnerabilities. Users can subscribe for updates on the latest entries in the KEV Catalog.