A repository that automatically tracks and cross-references CISA's Known Exploitable Vulnerabilities (KEV) list with available Nuclei templates for vulnerability scanning.
- Total CVEs in KEV: 1,449
- Scannable with Nuclei: 389 (26.8%)
- Unscannable: 1,060 (73.2%)
- Ransomware-Associated: 300 (20.7%)
- Unique Vendors: 238
- Unique Products: 589
- 🎯 Microsoft is the most represented vendor with 348 CVEs
- 🔍 389 CVEs can be actively scanned with Nuclei templates
- 🦠 300 CVEs (20.7%) are known to be used in ransomware campaigns
- 📅 32 new CVEs were added in the last 30 days
- 🔒 Most common vulnerability type: CWE-20 (112 occurrences)
⚠️ Microsoft has the highest scanning coverage at 4.0%, while Apple and Google have 0%
- CVEs Added: 32
- Scannable Added: 9
- New Coverage: 28.1%
| Rank | Vendor | CVE Count | Scannable | Scanning Coverage |
|---|---|---|---|---|
| 1 | Microsoft | 348 | 14 | 4.0% |
| 2 | Apple | 85 | 0 | 0.0% |
| 3 | Cisco | 81 | 12 | 14.8% |
| 4 | Adobe | 76 | 11 | 14.5% |
| 5 | 65 | 0 | 0.0% | |
| 6 | Oracle | 41 | 15 | 36.6% |
| 7 | Apache | 38 | 35 | 92.1% |
| 8 | Ivanti | 30 | 18 | 60.0% |
| 9 | VMware | 26 | 11 | 42.3% |
| 10 | D-Link | 24 | 10 | 41.7% |
| Rank | Product | CVE Count |
|---|---|---|
| 1 | Windows | 157 |
| 2 | Multiple Products | 67 |
| 3 | Chromium V8 | 36 |
| 4 | Internet Explorer | 34 |
| 5 | Flash Player | 33 |
| 6 | Kernel | 26 |
| 7 | Office | 25 |
| 8 | Win32k | 25 |
| 9 | Exchange Server | 16 |
| 10 | ColdFusion | 15 |
| Rank | CWE | Count |
|---|---|---|
| 1 | CWE-20 | 112 |
| 2 | CWE-78 | 94 |
| 3 | CWE-787 | 93 |
| 4 | CWE-416 | 84 |
| 5 | CWE-119 | 80 |
| Vendor | Ransomware CVEs |
|---|---|
| Microsoft | 100 |
| Fortinet | 13 |
| Ivanti | 12 |
| Oracle | 11 |
| Adobe | 10 |
| SonicWall | 9 |
| QNAP | 9 |
| VMware | 8 |
| Atlassian | 8 |
| Citrix | 7 |
Last updated: 2025-10-27