THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as a comprehensive source for vulnerabilities actively exploited in the wild. Organizations are encouraged to use this catalog for prioritizing their vulnerability management efforts. The catalog includes detailed information about specific vulnerabilities, such as CVE-2026-7473 related to Arista's Extensible Operating System, which poses risks due to incomplete comparison handling of packet decapsulation.
It features actionable mitigation strategies, information on related Common Weakness Enumerations (CWE), and announcements for updates on newly added vulnerabilities. Users can subscribe for updates and access the catalog in various formats including CSV and JSON.