- CISA has launched a new public reporting form for known exploited vulnerabilities
- The new reporting capability is intended to speed up cyberthreat detection and response
- Get the latest insights on emerging homeland security initiatives at the 2026 Homeland Security Summit on Nov. 12
The Cybersecurity and Infrastructure Security Agency, or CISA, has launched a new nomination form designed to help researchers, vendors and industry partners report known exploited vulnerabilities, or KEVs, to the federal government.
CISA’s ongoing efforts to strengthen vulnerability management and cyberthreat response highlight DHS’ broader focus on protecting federal systems and critical infrastructure. Hear more about cybersecurity priorities and emerging challenges at the Potomac Officers Club’s 2026 Homeland Security Summit on Nov. 12. Register now.
Table of Contents
What Does the New Nomination Form Provide?
CISA said Thursday the KEV Nomination Form is intended to enhance the agency’s ability to identify, validate and distribute information on actively exploited cyber vulnerabilities affecting government, private and critical infrastructure networks.
The reporting capability aligns with CISA’s Vulnerability Disclosure Policy Platform and Coordinated Vulnerability Disclosure Program, which encourage good faith research and transparent remediation of cyber risks.
The initiative builds on CISA’s broader efforts to strengthen vulnerability management, including expanding the KEV Catalog, promoting faster remediation timelines and supporting cross-sector cybersecurity coordination through updated cybersecurity performance goals.
How Does the KEV Nomination Form Support Cybersecurity Efforts?
Public reporting supports the early identification of exploited vulnerabilities, promotes responsible disclosure and enables timely mitigation across federal, private and critical infrastructure networks.
Chris Butera, acting executive assistant director for cybersecurity at CISA, emphasized that early detection and coordinated disclosure are among the most effective tools for reducing risk at scale.
“CISA strongly encourages researchers and organizations to share vulnerability threats and help us secure the systems Americans rely on every day,” Butera added.
Butera was a keynote speaker at Potomac Officers Club‘s 2026 Cyber Summit last week. Check out POC’s coverage of his remarks on LinkedIn.
