Live CISA KEV Vendor Globe

Every vendor in your stack. Every CVE CISA is warning about. One view.

Each pin on the globe is a vendor we monitor against the CISA Known Exploited Vulnerabilities catalog. Pin size scales with the count of active advisories. Color shows severity. A pulsing pin means CISA added new entries in the last seven days.

CISA KEV FIRST EPSS NIST NVD Run a Stack Check on your specific stack →

34

Vendors monitored

13

With active KEV entries

665

Total active CVEs

1

New advisories (7d)

13

With overdue patches

·
·
·
·
·
·
·
Off

Loading vendor globe...

Pin color

Critical High Medium Clean

Drag the globe to rotate. Scroll to zoom. Hover or tap a pin for details.

Snapshot computed: 2026-06-03 03:45 UTC Upstream feeds synced: 2026-06-03 02:45 UTC
Check your stack →

How to read this map

The honest version of what each pin represents and what the map can and cannot tell you.

Data sources

CISA Known Exploited Vulnerabilities catalog provides the "actively exploited" designation. FIRST EPSS provides exploit likelihood scoring (0 to 1). NIST NVD provides the CVSS severity score. All three feeds are public, authoritative, and updated directly from their source.

Pin placement

Pins sit at vendor headquarters, not at attack origins. There is no public dataset that says "this CVE is being exploited from country X." We do not pretend otherwise. The pins show where each vendor in your stack is based; the data they carry shows what is actively being exploited in their products.

Make it useful

Run a Stack Check on the vendors you actually use. Get a per-CVE report you can take to your patching backlog the same day.

Run a Stack Check