CISA Known Exploited Vulnerability Catalog – June 2025
For a detailed CISA’s KEV Catalog, download the pdf file here

—
Summary
The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild.
It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of compromise by threat actors. In June 2025, twenty vulnerabilities met the criteria for inclusion in the CISA’s KEV catalog. Of these, five are zero-day vulnerabilities; six have been exploited by known threat actors and employed in attacks.