Tootfinder

Opt-in global Mastodon full text search. Join the index!

@adulau@infosec.exchange
2026-02-07 08:07:19

Following a great question from CERT.PL about GCVE KEV assertion format and especially about the confidence level for an evidence of a vulnerability assertion.
We made a first table of confidence level for the evidence in the KEV record format.
#kev #gcve

| Confidence | Label | Meaning (confidence in this evidence item) | Typical exploitation evidence examples | |-----------:|------------------|---------------------------------------------|----------------------------------------| | 0.0 | None | No usable evidence or placeholder only | Empty claim; unresolved rumor with no traceability | | 0.1 | Extremely low | U…
@publicvoit@graz.social
2026-01-10 12:54:31

In 2025, the top 5 known exploited vulnerability (#KEV) vendors as of cyble.com/blog/cisa-kev-2025-e were:
Microsoft (39)
<…

2025 CISA KEV Catalog Hits 1,484 Exploited Vulnerabilities
CISA KEV added 245 flaws in 2025, raising total known exploited vulnerabilities to 1,484 and highlighting rising ransomware risks.