CISA Known Exploited Vulnerability Catalog June 2023

This document is a technical report detailing the Known Exploited Vulnerability (KEV) catalog maintained by CISA, which serves as the authoritative source for vulnerabilities that have been actively exploited. The report emphasizes the importance of organizations reviewing and monitoring the KEV catalog to prioritize the remediation of listed vulnerabilities, thereby reducing the risk of compromise by threat actors. In June 2023, the catalog includes 24 vulnerabilities that meet the criteria for inclusion, with nine identified as zero-day vulnerabilities. Additionally, seven of these vulnerabilities have been exploited by known threat actors in various attacks. The report provides a comprehensive list of these vulnerabilities, including their associated CVE IDs, affected products, and severity scores. Recommendations for mitigating these vulnerabilities are also included, along with references and an appendix for further information.