THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as an authoritative source for vulnerabilities that have been actively exploited, aiding organizations in their vulnerability management strategies. The catalog includes details about vulnerabilities like CVE-2026-58644, a Microsoft SharePoint vulnerability allowing unauthorized code execution through deserialization of untrusted data.
Organizations are encouraged to apply mitigations from the vendor and comply with CISA's guidelines for patch management. Users can nominate new vulnerabilities for inclusion, access the catalog in various formats, and subscribe for updates.