Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

Organizations enrolled in CISA’s Vulnerability Scanning service saw a steady decline in KEVs on their networks.

CISA
January 1, 2025
KEV

Organizations enrolled in CISA’s Vulnerability Scanning service saw a steady decline in KEVs on their networks. — This cybersecurity statistic was published by CISA in January 2025. It covers topics including KEV. The original data appears in Cybersecurity Performance Goals Adoption Report. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 1/1/2025

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

Organizations enrolled in CISA’s Vulnerability Scanning service saw a steady decline in KEVs on their networks. This data was published by CISA and covers KEV.

Where does this data come from?

This statistic comes from Cybersecurity Performance Goals Adoption Report, published by CISA on January 1, 2025. You can view the original report at Cybersecurity Performance Goals Adoption Report | CISA.

What cybersecurity topics does this cover?

This statistic relates to KEV. Browse more statistics on KEV or from CISA.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

In 2025, 43% of CISA KEV additions were API-related, making APIs the single largest exploited surface in that dataset.

Wallarm2/22/2026
API SecurityAPIsKEV

71% of exploited vulnerabilities are not in the CISA KEV catalog.

Forescout Technologies Inc2/5/2026
VulnerabilitiesKEV

242 vulnerabilities are added to the CISA Known Exploited Vulnerabilities catalog, a 30% year-over-year increase, and 285 vulnerabilities are added to the Vedere Labs KEV, a 213% year-over-year increase.

Forescout Technologies Inc2/5/2026
VulnerabilitiesKEV

65% of manufacturing companies have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities (KEV) Catalog.

Black Kite10/8/2025
ManufacturingRansomwareVulnerabilities

90 third-party vendors are flagged with high-risk threat categories. Among these, 35 vendors are marked with Known Exploited Vulnerabilities (KEV) tags.

Black Kite7/10/2025
FinancialThird-party vendorsVulnerabilities

20% of HIS (hospital information systems), which manage clinical patient data, as well as administrative and financial information, have KEVs linked to ransomware and insecure internet connectivity, impacting 58% of organisations

Claroty3/26/2025
HealthcareVulnerabilitiesKEV

Browse by Topic

KEVMore from CISA

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights