How can you check that there is an exploit associated with a CVE?

There are multiple options to see if there is an exploit associated with a CVE within your Feeds, Folders, Web Alerts or Boards:

1) Green metadata labels in a magazine view or in an article itself

If the CVE is exploited, you’ll see “ex” appended after the CVSS score

If the CVE is exploited, you’ll see “ex” appended after the CVSS score

If a public exploit is associated with a CVE, “ex” will be appended after the CVSS score

2) CVE Insights Card

When you open a CVE Insights Card, you’ll see a chip with “Exploit” that links to the source of the exploit (in this case CISA.gov)

How do we find and link exploits to CVEs

We use the National Vulnerability Database (NVD) to check if there is any information available about the exploit connected to the CVE. If there is no link to an exploit in the NVD, we try to find an article, a proof of concept (PoC), or a code sample describing how to exploit the vulnerability in various feeds (specific GitHub accounts, Exploit-DB, ZDI, Sploitus, VulDB, CISA, etc.).

Note: In the future, we will add a Leo Concept to track exploits and PoCs more easily.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.