Real-time CVE data fetched directly in your browser from NVD and CISA KEV public feeds. Severity-filtered, refreshable, and protected against blank-feed failure.
CVE is a standardised list of publicly disclosed cybersecurity vulnerabilities. Each entry gets a unique ID in the format CVE-YEAR-NUMBER, allowing security teams worldwide to reference the same flaw consistently.
The Common Vulnerability Scoring System (CVSS) provides a numerical score from 0–10 indicating severity. Scores consider attack vector, complexity, privileges required, and impact on confidentiality, integrity, and availability.
Unpatched CVEs are the most common attack vector used in real-world breaches. Monitoring the CVE feed lets defenders and pentesters track newly disclosed vulnerabilities affecting their software stack in real time.
CISA maintains a Known Exploited Vulnerabilities catalogue tracking CVEs actively exploited by threat actors. Critical and high severity CVEs appearing here require immediate patching — often within 48 hours for federal agencies.
If a CVE here touches a system you own, use it as a starting point for patch checks, vendor guidance, and a scoped conversation if you need a second pair of eyes.