cisa-kev
Safeguard articles tagged "cisa-kev" — guides, analysis, and best practices for software supply chain and application security.
22 articles
CISA KEV Catalog Growth Analysis 2025-2026
A data-grounded analysis of CISA Known Exploited Vulnerabilities catalog growth through 2025 and 2026, and the operational implications for defenders.
CVE-2025-53521 in F5 BIG-IP APM: Patch Posture & SBOM Response
F5 BIG-IP APM bug reclassified from DoS to RCE at CVSS 9.8 and landed on CISA KEV. Defender playbook for the late-cycle severity surprise.
How to Prioritize a 10,000-Finding Vulnerability Backlog
A five-digit backlog is not a ranking problem, it is a filtering problem. Here is the funnel that turns 10,000 findings into a few hundred that deserve engineering time.
CISA KEV catalog
The CISA KEV catalog lists vulnerabilities with confirmed real-world exploitation. Here's what it is, how entries get added, deadlines, and remediation rules.
CVE-2025-64446 in Fortinet FortiWeb: Patch Posture & SBOM Response
FortiWeb path traversal + RCE scored CVSS 9.1 and entered CISA KEV after months of targeted exploitation. Defender playbook for the WAF emergency.
CVE-2025-20333 in Cisco ASA: Patch Posture & SBOM Response
Cisco Secure Firewall ASA/FTD buffer overflow scored CVSS 9.9 and was added to CISA KEV the day Cisco published the advisory. Here is the defender playbook.
CVE-2025-7775 in Citrix NetScaler: Patch Posture & SBOM Response
NetScaler ADC and Gateway memory overflow scored CVSS 9.2 and landed on CISA KEV with a 48-hour patch deadline. Here is the defender playbook.
CVE-2025-53770 in SharePoint (ToolShell): Patch Posture & SBOM Response
On-prem SharePoint deserialization flaw scored CVSS 9.8 and entered CISA KEV the day after public exploitation. Defender playbook below.
SolarWinds Web Help Desk CVE-2024-28987: Hardcoded Credential in Federal Networks
SolarWinds shipped a hardcoded helpdeskIntegrationUser credential in Web Help Desk that CISA added to KEV on October 15, 2024 after federal agency intrusions.
CISA KEV Catalog Growth: A 2024 Q1 Analysis
CISA added 40+ CVEs to the Known Exploited Vulnerabilities catalog in Q1 2024. We break down the vendor mix, the edge-device bias, and what to prioritize.