How can you check that there is an exploit associated with a CVE?
There are multiple options to see if there is an exploit associated with a CVE within your Feeds, Folders, Web Alerts or Boards:
1) Green metadata labels in a magazine view or in an article itself
If the CVE is exploited, you’ll see “ex” appended after the CVSS score
If a public exploit is associated with a CVE, “ex” will be appended after the CVSS score
2) CVE Insights Card
When you open a CVE Insights Card, you’ll see a chip with “Exploit” that links to the source of the exploit (in this case CISA.gov)
How do we find and link exploits to CVEs
We use the National Vulnerability Database (NVD) to check if there is any information available about the exploit connected to the CVE. If there is no link to an exploit in the NVD, we try to find an article, a proof of concept (PoC), or a code sample describing how to exploit the vulnerability in various feeds (specific GitHub accounts, Exploit-DB, ZDI, Sploitus, VulDB, CISA, etc.).
Note: In the future, we will add a Leo Concept to track exploits and PoCs more easily.