diff --git a/http/cves/2024/CVE-2024-36401.yaml b/http/cves/2024/CVE-2024-36401.yaml
index 51a858d7ad..334b162ac8 100644
--- a/http/cves/2024/CVE-2024-36401.yaml
+++ b/http/cves/2024/CVE-2024-36401.yaml
@@ -23,7 +23,7 @@ info:
       - title="geoserver"
       - app="geoserver"
     google-query: intitle:"geoserver"
-  tags: cve,cve2024,geoserver,rce,unauth
+  tags: cve,cve2024,geoserver,rce,unauth,kev
 
 flow: |
    if(http(1))
@@ -65,4 +65,4 @@ http:
         part: content_type
         words:
           - "application/xml"
-# digest: 4a0a004730450220279aaebd1a369cf4592114ead904a1520e41ad97306683da9c89b53d278a40a3022100d045a6c3237dcc38c0af5dce4e225c736ea8361f759fb8fc444da9a24ab3c6ed:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
+# digest: 4a0a004730450220279aaebd1a369cf4592114ead904a1520e41ad97306683da9c89b53d278a40a3022100d045a6c3237dcc38c0af5dce4e225c736ea8361f759fb8fc444da9a24ab3c6ed:922c64590222798bb761d5b6d8e72950