← all kits

KEV Reference

reference state · v1.0

3 entity types · 2 relationships · 4 named queries · 1 workflows

Published vulnerability reference graph built from public data: CISA KEV, NVD CVE/CPE configurations, and EPSS scores. Products use CPE-based identifiers. Vulnerability-to-product edges carry affected version ranges from NVD CPE match data.

source on GitHub →

Entity types

3
Vendor
Vendor or software publisher, identified by CPE vendor string.name
Product
Product identified by CPE vendor and product strings.vendor_id · vendor_name · product_name · cpe_vendor · cpe_product · cpe_part
Vulnerability
Public vulnerability record from CISA KEV catalog.vulnerability_name · description · date_added_to_kev · kev_due_date · required_action · known_ransomware_use · cvss_score · cvss_severity · epss_score · epss_percentile · cwes

Relationships

deterministic2
product_from_vendor
ProductVendor
vulnerability_affects_product
VulnerabilityProduct

Named queries

4

vulnerability_products · Vulnerability → Product

Starting from a vulnerability, return affected products with reference edge evidence.

product_vulnerabilities · Product → Vulnerability

Starting from a product, return KEV vulnerabilities that affect it.

vendor_products · Vendor → Product

Starting from a vendor, return products published by that vendor.

vendor_vulnerabilities · Vendor → Vulnerability

Starting from a vendor, return vulnerabilities across that vendor's products, preserving the product evidence path.

Workflows

1

build_public_kev_reference · 9 steps

Build the canonical public KEV reference layer from the bundled hashed public-data artifact including NVD CPE match data.