We’re excited to announce the expansion of VulnCheck Community to include VulnCheck KEV Alerts via Email and Slack
This research aims to share experiences and observations to help others better understand how ENISA EUVD compares with existing vulnerability sources and whether it can serve as a reliable alternative for these established services.
In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild.
VulnCheck treats every CVE as a forever-day, because we know exploitation doesn’t adhere to timelines or maintenance cycles.
VulnCheck integrates with OpenCTI - an open-source Threat Intelligence Platform by Filigran
Late last week, chat logs from Black Basta became available, offering rare insight into the operations of one of the most infamous ransomware groups. This research focuses on the vulnerabilities and CVEs mentioned in these logs, with the goal of providing defenders with actionable intelligence on the tactics of Black Basta.
VulnCheck now provides automated SSVC decisions for federal and enterprise agencies.
As a follow-up to our previous Zyxel Telnet Vulnerabilities blog, VulnCheck examines CVE-2024-40890, a recently disclosed vulnerability in the HTTP interface of many end-of-life Zyxel CPE routers.
VulnCheck and partner GreyNoise discovered Zyxel-related vulnerabilities being targeted in the wild. In this blog, VulnCheck describes the vulnerabilities CVE-2024-40891 and CVE-2025-0890.
In September, VulnCheck identified evidence of 78 CVEs that were publicly disclosed for the first time as exploited in the wild.
In 2024, VulnCheck's Initial Access Intelligence (IAI) team delivered custom exploits and detection artifacts for 169 CVEs. Among these, 99 CVEs (58.6%) were actively exploited in the wild.
VulnCheck discovers that a new vulnerability affecting Four-Faith industrial routers has been exploited in the wild
In November, Mitre released the 2024 CWE Top 25 Most Dangerous Software Weaknesses list. Today, VulnCheck issued a report re-evaluating the rankings with a threat-centric approach.
VulnCheck now provides an automated approach to providing broader visibility into differences between VulnCheck KEV and CISA KEV through a Jupyter Notebook publicly available on GitHub.
VulnCheck discovers evidence that ProjectSend has been exploited in the wild and assigns CVE-2024-11680
A newly disclosed vulnerability, CVE-2024-9441, affects the Linear Emerge E3 series. The vulnerability has not yet been patched by the vendor, and exploits are already circulating, raising concerns of imminent exploitation.
Last week, Five Eyes agencies issued a Joint Cybersecurity Advisory titled, “People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations” which we explore in this blog post.
During June, July, and August, we captured exploitation evidence for 158 vulnerabilities, with initial evidence emerging within this period for the first time. The evidence was collected from over 35 different sources.
To help security practitioners prioritize vulnerabilities using exploit evidence, we've outlined why weaponized vulnerabilities should be prioritized by mapping Metasploit modules and VulnCheck Known Exploited Vulnerabilities.
In May, VulnCheck identified evidence of 103 CVEs that were publicly disclosed for the first time as exploited in the wild, marking a 90.7% increase over April.
VulnCheck scanned the internet for implanted Cisco IOS XE systems and found thousands of results.
VulnCheck provides additional insight into CISA's 2022 Top Routinely Exploited Vulnerabilities by looking at the availability of exploits and examining which threat actors, botnets, and ransomware crews used the vulnerabilities.
VulnCheck analyzes four CVEs that impact SolarView, a solar power monitoring system. We discover the number of internet-facing systems and the likelihood of exploitation in the wild.
A review of the vulnerabilities that should have been added to the CISA KEV Catalog in 2022, but weren't.
A review of the vulnerabilities added to the CISA KEV Catalog in 2022. VulnCheck examines which vulnerabilities were added in 2022, who exploited them, and how long it took to add them to the Catalog.
An examination of vulnerabilities affecting Xiongmai IoT devices, including exploit development and an analysis of exploitation in the wild.
The CISA Known Exploited Vulnerabilities (KEV) Catalog tracks vulnerabilities that have been exploited in the wild, and it currently has more than 800 entries.