Ransomware, Security Operations, Vulnerability Management, Patch/Configuration Management

Exploited vulnerabilities accelerated in 2025, CISA KEV catalog shows

As reported by The Cyber Express, the landscape of known exploited vulnerabilities experienced a notable acceleration in growth during 2025, reversing a trend of stabilization observed in the previous year. Analysis of the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerability (KEV) catalog reveals a significant increase in newly identified and exploited flaws.

Cyble's analysis indicates that 245 vulnerabilities were added to the CISA KEV catalog in 2025, representing a roughly 20% growth rate and a substantial increase compared to the 185 and 187 vulnerabilities added in 2024 and 2023, respectively. This surge includes a nearly 45% rise in older vulnerabilities being added, with the oldest identified flaw dating back to 2007. Notably, 24 of the vulnerabilities added in 2025 were confirmed to be exploited by ransomware groups, targeting vendors such as Microsoft, Apple, and Oracle. Common weakness enumerations like OS Command Injection (CWE-78) and Deserialization of Untrusted Data (CWE-502) were among the most prevalent software weaknesses exploited.

The reacceleration of exploited vulnerability growth in 2025 underscores the persistent and evolving threat posed by cyberattacks. The increasing inclusion of older vulnerabilities suggests that legacy systems remain a significant target. This trend highlights the critical need for organizations to maintain robust patch management practices and proactively address identified weaknesses.

Source: The Cyber Express

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds