diff --git a/v2/pkg/catalog/loader/filter.go b/v2/pkg/catalog/loader/filter.go
index 17f0142b..fc71f8eb 100644
--- a/v2/pkg/catalog/loader/filter.go
+++ b/v2/pkg/catalog/loader/filter.go
@@ -72,12 +72,11 @@ func (config *Config) createTagFilter() *tagFilter {
 		block:       make(map[string]struct{}),
 		matchAllows: make(map[string]struct{}),
 	}
-	for _, tag := range config.Tags {
+	for _, tag := range config.ExcludeTags {
 		for _, val := range splitCommaTrim(tag) {
-			if _, ok := filter.allowedTags[val]; !ok {
-				filter.allowedTags[val] = struct{}{}
+			if _, ok := filter.block[val]; !ok {
+				filter.block[val] = struct{}{}
 			}
-			delete(filter.block, val)
 		}
 	}
 	for _, tag := range config.Severities {
@@ -94,11 +93,12 @@ func (config *Config) createTagFilter() *tagFilter {
 			}
 		}
 	}
-	for _, tag := range config.ExcludeTags {
+	for _, tag := range config.Tags {
 		for _, val := range splitCommaTrim(tag) {
-			if _, ok := filter.block[val]; !ok {
-				filter.block[val] = struct{}{}
+			if _, ok := filter.allowedTags[val]; !ok {
+				filter.allowedTags[val] = struct{}{}
 			}
+			delete(filter.block, val)
 		}
 	}
 	for _, tag := range config.IncludeTags {
diff --git a/v2/pkg/catalog/loader/filter_test.go b/v2/pkg/catalog/loader/filter_test.go
index a0df7e95..af0a857b 100644
--- a/v2/pkg/catalog/loader/filter_test.go
+++ b/v2/pkg/catalog/loader/filter_test.go
@@ -22,7 +22,6 @@ func TestTagBasedFilter(t *testing.T) {
 	})
 	t.Run("not-match-excludes", func(t *testing.T) {
 		config := &Config{
-			Tags:        []string{"cves", "dos"},
 			ExcludeTags: []string{"dos"},
 		}
 		filter := config.createTagFilter()
@@ -42,6 +41,16 @@ func TestTagBasedFilter(t *testing.T) {
 		require.Nil(t, err, "could not get match")
 		require.True(t, matched, "could not get correct match")
 	})
+	t.Run("match-includes", func(t *testing.T) {
+		config := &Config{
+			Tags:        []string{"fuzz"},
+			ExcludeTags: []string{"fuzz"},
+		}
+		filter := config.createTagFilter()
+		matched, err := filter.match("fuzz", "pdteam", "low")
+		require.Nil(t, err, "could not get match")
+		require.True(t, matched, "could not get correct match")
+	})
 	t.Run("match-author", func(t *testing.T) {
 		config := &Config{
 			Authors: []string{"pdteam"},