cyble

2025 CISA KEV Catalog Hits 1,484 Exploited Vulnerabilities

CISA's Known Exploited Vulnerabilities catalog grew to 1,484 entries in 2025, adding 245 new flaws—a 30% increase over previous years. The catalog now includes 24 vulnerabilities actively exploited by ransomware groups, with Microsoft leading vendors at 39 additions. OS command injection (CWE-78) remained the most common

5m read timeFrom cyble.com
Post cover image
Table of contents
Older Vulnerabilities Added to CISA KEV Also GrewVulnerabilities Used in Ransomware AttacksProjects and Vendors with the Highest Number of Exploited VulnerabilitiesMost Common Software Weaknesses Exploited in 2025Conclusion

Sort: