Chat with AI and run tools instantly.
The CISA Known Exploited Vulnerabilities (KEV) Catalog is the authoritative U.S. government list of vulnerabilities that are actively being exploited in the wild. Federal agencies are required to remediate KEV entries by their due dates. Search the catalog, look up specific CVEs, find recently added entries, filter by ransomware campaign use, and get summary stats.
Chat with AI and run tools instantly.
Browse all toolsDomain knowledge for CISA KEV — workflow patterns, data models, and gotchas for your AI agent.
The CISA Known Exploited Vulnerabilities Catalog lists vulnerabilities actively exploited in the wild. Federal agencies must remediate by due dates.
Get a frequency breakdown of weakness types (CWEs) across all CISA KEV entries. Shows which vulnerability classes are most commonly exploited in the w...
Find CISA KEV entries with past-due or upcoming federal remediation deadlines. Overdue entries represent federally mandated patches that haven't been ...
Look up a specific CVE in the CISA Known Exploited Vulnerabilities catalog. Returns full KEV entry details including the required remediation action, ...
Get a KEV exposure breakdown for a specific vendor — how many actively exploited vulnerabilities affect each of their products, and which products hav...
Get CISA KEV entries that are linked to known ransomware campaigns. These are the highest-priority vulnerabilities — actively exploited AND used by ra...
Get the most recently added vulnerabilities to the CISA KEV catalog. Results are sorted newest-first. Use days_back to control the lookback window. Cr...
Search the CISA KEV catalog by vendor, product, vulnerability name, or keyword. Case-insensitive full-text search across all fields. Use ransomware_on...
Get a summary of the CISA Known Exploited Vulnerabilities catalog: total count, catalog version, date released, how many were added in the last 7/30/9...
Check a list of CVEs from a vulnerability scan against the CISA KEV catalog. Returns which CVEs are confirmed actively exploited (in KEV), which are n...
The CISA Known Exploited Vulnerabilities (KEV) Catalog is the authoritative U.S. government list of vulnerabilities that are actively being exploited in the wild. Federal agencies are required to remediate KEV entries by their due dates. Search the catalog, look up specific CVEs, find recently added entries, filter by ransomware campaign use, and get summary stats. It provides 9 tools that AI agents can use through the Model Context Protocol (MCP).
Add the MCPBundles server URL to your MCP client configuration (Claude Desktop, Cursor, VS Code, etc.). The URL format is: https://mcp.mcpbundles.com/bundle/cisa-kev. Authentication is handled automatically.
CISA KEV provides 9 tools that can be called by AI agents, along with a SKILL.md that gives your AI agent domain knowledge about when and how to use them.
CISA KEV uses open data APIs — no authentication required.
Connect CISA KEV to any MCP client in minutes
https://mcp.mcpbundles.com/bundle/cisa-kevThe link prefills the Add custom connector dialog — you still review the values and click Add, then Connect to complete OAuth.
CISA KEV and paste the MCP URL into Remote MCP server URL.Custom connectors at claude.ai require a paid Claude plan (Pro, Max, Team, or Enterprise).
More security integrations you might like
Container CVE triage and cross-source vulnerability intelligence: local Trivy scans via Desktop, NIS...
Intruder is a cybersecurity platform that offers automated vulnerability scanning to help businesses...
Persona provides identity verification and authentication services, enabling businesses to verify cu...
OPUSWatch provides API-based solutions for managing operational risk and ensuring regulatory complia...
OFAC-API.com provides KYC, AML, and sanctions compliance screening against 25+ global data sources i...
Microsoft Entra ID is an identity and access management service that provides secure authentication ...