Dozens of Exploited Vulnerabilities Missing From CISA ‘Must Patch’ List


According to vulnerability intelligence firm VulnCheck, the Known Exploited Vulnerabilities (KEV) catalogue kept by the US Cybersecurity and Infrastructure Security Agency (CISA) is missing dozens of security problems that have probably been used in the wild.

A recent examination of the vulnerabilities CISA added to its catalogue in 2022 was done by VulnCheck. Despite the fact that the organisation added more than 550 security holes last year, VulnCheck discovered that as of March 3, 42 vulnerabilities that were likely to have been used in harmful attacks and given CVE IDs in 2022 were absent.

Read More…