• Platform
    Platform
    Nucleus Platform
    Scale and automate your vulnerability and exposure management program
    Vulnerability Intelligence Platform
    Access centralized and enriched vulnerability intelligence
    Nucleus Insights Intelligence Feed
    AI-powered, expert-validated threat and vulnerability intelligence
    Integrations
    Discover our ecosystem of 200+ connectors
    Capabilities
    Vulnerability Aggregation
    Unify and operationalize your vulnerability data in one platform
    Risk Prioritization
    Prioritize with asset context and threat intelligence
    Vulnerability Remediation
    Automate workflows to prioritize and mitigate critical exposures
    Vulnerability Intelligence
    Enrich vulnerability findings with real-world threat intelligence
    Asset Management
    Unify asset data to automate your vulnerability and exposure management
    Plan of Action and Milestones (POAM)
    Automate POA&M compliance at scale
    Compliance Frameworks
    Align with compliance framework controls and requirements.
    MCP Server
    Interact with your data using natural language and AI tools
  • Solutions
    Public Sector
    Federal Government
    Vulnerability and exposure management for government agencies
    State, Local, and Education (SLED)
    Centralize security and simplify compliance for state and local government
    Use Cases
    Exposure Management
    Scale and automate your exposure management program
    Risk-Based Vulnerability Management
    Address vulnerabilities with risk-based context and prioritization
    Application Security
    Shift left application security with production risk context
    Cloud Vulnerability and Exposure Management
    Conquer critical exposures across hybrid clouds
    Featured Report
    Gartner EAP MQ
    Nucleus Security Recognized as a Challenger in 2025 Gartner® Magic Quadrant™ Report

    We have been recognized for our Completeness of Vision and Ability to Execute.

    GET THE REPORT
  • Partners
    Partner Program
    Program Overview
    Learn more about our growing partner program
    MSSPs
    Explore opportunities for MSSP partnerships
    Marketplaces
    Find Nucleus on leading industry marketplaces
    Partner Resources
    Partner Directory
    Explore our ecosystem of partners
    Become a Partner
    Submit your request to join our partner program
    Deal Registration
    Easily register deals with Nucleus
    Partner Portal
    Log in to our dedicated Partner Portal
    Partner Case Study
    Orange Cyberdefense
    Case Study: Orange Cyberdefense

    Orange Cyberdefense leverages Nucleus to streamline vulnerability management, reduce costs, and drive impactful security insights for its customers.

    LEARN MORE
  • Resources
    Resources
    Resource Library
    Discover customer stories, reports, research, and more
    Blog
    Stay informed with the Nucleus Node blog
    Webinars
    Learn from industry experts and Nucleus leaders
    Events
    Meet with us virtually and in-person
    CISA KEV Enrichment Dashboard
    Quickly analyze vulnerabilities identified by CISA
    Featured Resources

    Gartner Exposure Assessment Platform Magic Quadrant

    Nucleus Security recognized as a Challenger by Gartner.

    LEARN MORE

    Omdia Technical Validation

    LEARN MORE
    Featured Articles

    The NVD Funding Crisis Was Bigger Than Mythos

    READ MORE

    You Can’t Patch Your Supply Chain So Why Treat It Like a Vulnerability Problem?

    READ MORE
    Featured Webinars

    The Exploitability Intelligence Gap Webinar

    OPEN WEBINAR

    From Insight to Impact Carahsoft Webinar

    OPEN WEBINAR
    Featured Events

    Billington Critical Infrastructure Summit

    LEARN MORE

    TechNet Indo-Pacific

    LEARN MORE
    Featured Content

    The NVD Funding Crisis Was Bigger Than Mythos

    LEARN MORE

    You Can’t Patch Your Supply Chain So Why Treat It Like a Vulnerability Problem?

    LEARN MORE
  • Company
    About
    About Nucleus
    Learn more about who we are as a company
    Careers
    Explore our current openings and join the team
    News
    Read the latest news and articles
    Contact
    Contact Us
    Reach out to the Nucleus team
    Watch a Demo on Demand
    Watch our on-demand video demo
    Schedule Custom Demo
    Request a customized demo suited to your business' needs
    Pricing
    Get a quote based on your unique requirements
    Featured Content
    Omdia Tech Validation Report
    Omdia Technical Validation

    Omdia’s Technical Validation, commissioned by Nucleus, details how Nucleus helps organizations build successful vulnerability and exposure management programs.

    LEARN MORE
Watch A Demo
WHITE PAPER

The Exploitability Intelligence Gap

New research reveals that 18% of vulnerabilities showed signs of exploitation before CISA KEV listing, with some cases surfacing confirmed activity up to 31 days earlier.

Most vulnerability programs act when risk becomes obvious. By then, the window to get ahead of it may already be closing.

Between October 2025 and March 2026, Nucleus Security Research reviewed every new KEV addition and found that 22 vulnerabilities, 18% of the total, showed meaningful exploitation or exploitability signals before formal listing. The problem is not a lack of signals. It is the inability to operationalize them in time.

18%
Of KEV additions showed pre-confirmation signals
31 days
Longest pre-KEV lead time in the dataset
121x
Larger median EPSS movement after KEV than before it

What the Research Found

  • Confirmed exploitation surfaced before KEV in 8 of 22 CVEs, with a median lead time of 5.5 days
  • 14 additional CVEs showed strong exploitability signals before KEV without confirmed exploitation
  • Public PoC is a strong signal, but not the only one, and its absence does not mean low risk
  • EPSS crossed actionable thresholds after KEV in most cases, not before, making it a poor early-warning signal on its own

The Gap Is Between Evidence and Action

Early signals exist. They are fragmented, hard to connect, and difficult to defend in a prioritization decision. Teams default to waiting for downstream confirmation, even when earlier evidence is already strong enough to matter.

Download the whitepaper to see the evidence CVE by CVE, and what it takes to close the gap.

See Nucleus in Action

Discover how unified, risk-based automation can transform your vulnerability management.

Schedule a Demo

© 2026 Nucleus Security. All rights reserved

Nucleus Webinar: The Exploitability Intelligence Gap and What You Can Know Before CISA KEV | Save Your Seat →