This repository contains a continuously updated mirror of the CISA Known Exploited Vulnerabilities (KEV) catalog, available in CSV format.
Data is refreshed every 2 hours and organized in multiple formats for easier access and analysis.
CVE data is available in the following formats:
-
All CVEs in a single file
Get all CVEs → https://lucacapacci.github.io/cisa_kev/cisa_kev.csv -
Files grouped by year
Example: get all CVEs starting with "CVE-2025-" → https://lucacapacci.github.io/cisa_kev/data_years/cisa_kev_2025.csv -
Files grouped by year and first digit of the CVE ID
Example: get all CVEs starting with "CVE-2025-0" → https://lucacapacci.github.io/cisa_kev/data_groups/cisa_kev_2025_0.csv -
Single file per CVE
Example: get CVE-2025-0108 → https://lucacapacci.github.io/cisa_kev/data_single/2025/CVE-2025-0108.csv
curl -L https://lucacapacci.github.io/cisa_kev/data_single/2025/CVE-2025-0108.csvimport requests
import csv
from io import StringIO
url = 'https://lucacapacci.github.io/cisa_kev/data_single/2025/CVE-2025-0108.csv'
response = requests.get(url)
csv_file = StringIO(response.text)
reader = csv.reader(csv_file)
for row in reader:
print(row)Data is automatically updated every 2 hours, providing near real-time CVE tracking.