Curated CVE Watch

CISA Known Exploited Vulnerabilities (KEV)

🔢

Total CVEs

🛠️

Unique Vendors

📦

Total Products

🦠

Ransomware Related

📅

+ Daily

📊

+ Weekly

🗓️

+ Monthly

📆

+ Yearly

Show:

📊 EPSS Score Distribution

Critical 0

High 0

Medium 0

Low 0

🛠️ Top Affected Products

🦠 Known Ransomware Campaign Use

⚠️

Known

Used in ransomware campaigns

❓

Unknown

No known ransomware use

📅 CVE Addition Timeline

Past 30 days 0 CVEs

30 days ago Today

🔍 CVE Watch Table

Known Exploited Vulnerabilities actively being exploited in the wild

CVE ID ↕️	Summary	Vendor ↕️	Date Added ↕️	EPSS Score ↕️	Product	Ransomware Use
Loading CISA CVE data...

Showing 0 to 0 of 0 results

Page 1 of 1

About Curated CVE Watch

Real-time monitoring of CISA's Known Exploited Vulnerabilities catalog for enhanced security awareness

📚 Understanding CVE & EPSS

What is CVE?

Common Vulnerabilities and Exposures - standardized identifiers for publicly known cybersecurity vulnerabilities that help organizations track security issues.

What is EPSS?

Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the likelihood a vulnerability will be exploited in the wild within the next 30 days. Unlike CVSS which measures theoretical severity, EPSS predicts real-world exploitation probability using machine learning.

Critical ≥70%

High 30-69%

Medium 10-29%

Low <10%

CISA KEV Catalog

Authoritative list of CVEs with evidence of active exploitation. These pose significant risk as threat actors are actively using them in real-world attacks.

🔢 Our EPSS Scoring

Real EPSS Scores (no asterisk)

Fetched directly from FIRST.org's official EPSS API (api.first.org/data/v1/epss) which provides daily updated machine learning-based exploit predictions.

Estimated Scores (marked with *)

When EPSS API data is unavailable, we generate realistic probability scores using CVE characteristics, weighted toward higher likelihood since KEV vulnerabilities are actively exploited.

How is EPSS Calculated?

EPSS uses machine learning trained on multiple data sources:

• Vulnerability age and CWE categories
• CVSS metrics and public exploit availability
• Mentions in security tools and CISA KEV
• CVE description patterns and language

Why EPSS is Better for KEV

Unlike CVSS which measures theoretical impact, EPSS predicts actual exploitation likelihood using real-world threat data. This makes it perfect for prioritizing KEV vulnerabilities that are already being exploited.

ℹ️

EPSS Data Source

Official FIRST.org EPSS API provides daily updated scores based on machine learning models trained on real exploit activity.

🎯 Dashboard Features

•

Real-time EPSS score distribution and exploit probability analysis

•

Ransomware campaign usage tracking and threat intelligence

•

Advanced filtering by vendor, product, and vulnerability type

•

Timeline visualization with daily, weekly, monthly, and yearly views

•

Top affected products and vendor impact analysis

⚠️

Disclaimer

This dashboard provides situational awareness only. Always consult official CISA guidance for remediation actions.

🔗 Official CISA KEV Catalog