February 5, 2025
CISA Known Exploited Vulnerability Catalog – January 2025
For a detailed CISA’s KEV Catalog, download the pdf file here

Summary
The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild.
It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of compromise by threat actors. In January 2025, fourteen vulnerabilities met the criteria for inclusion in the CISA’s KEV catalog. Of these, seven are zero-day vulnerabilities; four have been exploited by known threat actors and employed in attacks.