A repository that automatically tracks and cross-references CISA's Known Exploitable Vulnerabilities (KEV) list with available Nuclei templates for vulnerability scanning.
- Total CVEs in KEV: 1,472
- Scannable with Nuclei: 411 (27.9%)
- Unscannable: 1,061 (72.1%)
- Ransomware-Associated: 302 (20.5%)
- Unique Vendors: 241
- Unique Products: 597
- 🎯 Microsoft is the most represented vendor with 350 CVEs
- 🔍 411 CVEs can be actively scanned with Nuclei templates
- 🦠 302 CVEs (20.5%) are known to be used in ransomware campaigns
- 📅 16 new CVEs were added in the last 30 days
- 🔒 Most common vulnerability type: CWE-20 (112 occurrences)
⚠️ Microsoft has the highest scanning coverage at 4.6%, while Apple and Google have 0%
- CVEs Added: 16
- Scannable Added: 5
- New Coverage: 31.2%
| Rank | Vendor | CVE Count | Scannable | Scanning Coverage |
|---|---|---|---|---|
| 1 | Microsoft | 350 | 16 | 4.6% |
| 2 | Apple | 85 | 0 | 0.0% |
| 3 | Cisco | 81 | 12 | 14.8% |
| 4 | Adobe | 76 | 12 | 15.8% |
| 5 | 66 | 0 | 0.0% | |
| 6 | Oracle | 42 | 18 | 42.9% |
| 7 | Apache | 38 | 35 | 92.1% |
| 8 | Ivanti | 30 | 18 | 60.0% |
| 9 | VMware | 26 | 12 | 46.2% |
| 10 | D-Link | 25 | 10 | 40.0% |
| Rank | Product | CVE Count |
|---|---|---|
| 1 | Windows | 159 |
| 2 | Multiple Products | 67 |
| 3 | Chromium V8 | 37 |
| 4 | Internet Explorer | 34 |
| 5 | Flash Player | 33 |
| 6 | Kernel | 26 |
| 7 | Office | 25 |
| 8 | Win32k | 25 |
| 9 | Exchange Server | 16 |
| 10 | ColdFusion | 15 |
| Rank | CWE | Count |
|---|---|---|
| 1 | CWE-20 | 112 |
| 2 | CWE-78 | 97 |
| 3 | CWE-787 | 95 |
| 4 | CWE-416 | 85 |
| 5 | CWE-119 | 80 |
| Vendor | Ransomware CVEs |
|---|---|
| Microsoft | 100 |
| Fortinet | 13 |
| Ivanti | 12 |
| Oracle | 11 |
| Adobe | 10 |
| SonicWall | 9 |
| QNAP | 9 |
| VMware | 8 |
| Atlassian | 8 |
| Citrix | 7 |
Last updated: 2025-12-10