KEV

Cybersecurity statistics about KEV

Showing 1-18 of 18 results

36.5% of KEVs carry a CVSS score of 9.0 or above, while 63.5% are rated high, medium, or lower.

Root Evidence, 5/31/2026
CVSS

Vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog increased 43% in Q1 2026 compared with Q4 2025.

Beazley Security, 5/27/2026
Vulnerabilities, CISA

In 2025, 43% of CISA KEV additions were API-related, making APIs the single largest exploited surface in that dataset.

Wallarm, 2/22/2026
API Security, APIs

242 vulnerabilities are added to the CISA Known Exploited Vulnerabilities catalog, a 30% year-over-year increase, and 285 vulnerabilities are added to the Vedere Labs KEV, a 213% year-over-year increase.

Forescout Technologies Inc, 2/5/2026
Vulnerabilities

71% of exploited vulnerabilities are not in the CISA KEV catalog.

Forescout Technologies Inc, 2/5/2026
Vulnerabilities

65% of manufacturing companies have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities (KEV) Catalog.

Black Kite, 10/8/2025
Manufacturing, Ransomware

90 third-party vendors are flagged with high-risk threat categories. Among these, 35 vendors are marked with Known Exploited Vulnerabilities (KEV) tags.

Black Kite, 7/10/2025
Financial, Third-party vendors

89% of healthcare organisations have the top 1% of riskiest IoMT devices on their networks, which contain known exploitable vulnerabilities (KEVs) linked to active ransomware campaigns and an insecure connection to the internet.

Claroty, 3/26/2025
Healthcare, IoMT devices

9% of IoMT devices contain confirmed KEVs in their systems, impacting 99% of organisations.

Claroty, 3/26/2025
Healthcare, IoMT devices

1% of IoMT devices carry KEVs linked to active ransomware campaigns and insecure internet connectivity, impacting 89% of organisations.

Claroty, 3/26/2025
Healthcare, IoMT devices

8% of imaging systems (X-rays, CT scans, MRI, ultrasound, and more) have KEVs linked to ransomware and insecure internet connectivity, making this the riskiest medical device category and impacting 85% of organisations.

Claroty, 3/26/2025
Healthcare, Vulnerabilities

20% of HIS (hospital information systems), which manage clinical patient data, as well as administrative and financial information, have KEVs linked to ransomware and insecure internet connectivity, impacting 58% of organisations.

Claroty, 3/26/2025
Healthcare, Vulnerabilities

High-severity KEVs saw a 25% reduction in remediation time.

CISA, 1/1/2025

Organizations enrolled in CISA’s Vulnerability Scanning service saw a steady decline in KEVs on their networks.

CISA, 1/1/2025

Cisco-related vulnerabilities accounted for 9.8% of all observed KEVs.

CISA, 1/1/2025

Average remediation time for critical-severity KEVs improved by 50%, reducing from 60 days to 30 days.

CISA, 1/1/2025

The CISA Known Exploited Vulnerabilities (KEV) Catalog recorded 1,199 KEVs as of August 31, 2024.

CISA, 1/1/2025

58% of KEVs were linked to open-source software vulnerabilities, particularly PHP and Apache.

CISA, 1/1/2025