CISA Known Exploited Vulnerabilities (KEV) — What It Means and Why It Changes Patch Priority
The CISA Known Exploited Vulnerabilities (KEV) Catalog lists CVEs that are confirmed to be actively exploited in the wild. This SECMONS glossary entry explains what KEV is, how vulnerabilities are added, how due dates work, and how defenders should operationalize KEV tracking in enterprise environments.