https://github.com/0xberka/cve-alert
Automate vulnerability tracking by fetching new CVEs and pushing timely alerts to Discord.
https://github.com/0xberka/cve-alert
alert automation containerized cve cve-alert cve-monitoring cve-tracking cybersecurity discord-webhook docker infosec python security security-automation security-tools threat-intelligence
Last synced: 3 months ago
JSON representation
Automate vulnerability tracking by fetching new CVEs and pushing timely alerts to Discord.
- Host: GitHub
- URL: https://github.com/0xberka/cve-alert
- Owner: 0xberka
- License: gpl-3.0
- Created: 2026-03-04T22:58:28.000Z (4 months ago)
- Default Branch: main
- Last Pushed: 2026-03-05T03:38:53.000Z (4 months ago)
- Last Synced: 2026-03-05T08:14:56.630Z (4 months ago)
- Topics: alert, automation, containerized, cve, cve-alert, cve-monitoring, cve-tracking, cybersecurity, discord-webhook, docker, infosec, python, security, security-automation, security-tools, threat-intelligence
- Language: Python
- Homepage:
- Size: 20.5 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# CVE Alert
Lightweight CVE monitoring service that tracks new entries from the [CVEProject/cvelistV5](https://github.com/CVEProject/cvelistV5) repository and sends alerts to Discord via webhook.
## Features
- Monitors Official CVE List v5
- Detects Only New CVEs
- Fetches Full Description
- Discord Webhook Alerts
- Continuous Background Monitoring
- Structured Logging
- Container-Ready
## Planned Features
- Severity filtering (CVSS)
- Vendor/product filtering
- Rate limiting for Discord alerts
- Batching multiple CVEs into a single message
## Architecture Overview
1. Fetch deltaLog.json file from **cvelistV5** repository.
2. Compare against locally stored CVE IDs.
3. Identify new entries.
4. Fetch detailed CVE description.
5. Send alert to Discord webhook.
6. Persist updated state.
## CVE Alert in Docker
CVE Alert can run as a container using Docker. This is recommended because it simplifies setup and keeps your system clean.
1. Create a `.env` file with your Discord webhook. You can copy `.env.template` and replace the placeholder URL with your own.
2. Build the container locally and, if you like, use Docker Compose to start it:
```bash
docker compose up
```
3. You can pull and run the image directly from Docker Hub:
```bash
docker run -it --name cve-alert --restart unless-stopped --env-file .env oubarka/cve-alert:latest
```
> **NOTE**: If using a Docker volume, make sure the container user has write access.
## CVE Alert Logs
CVE Alert keeps a record of its activity in log files stored on your machine.
- All logs are saved in the data/log/ folder.
- Each log file has a timestamp in its name, for example:
```
cve-alert-20260304-121109.log
```
- Logs include:
- When the service starts
- New CVEs detected
- Alerts sent to Discord
- Errors
## License
CVE Alert is licensed under the **GNU General Public License v3.0 (GPLv3)**.
See the [LICENSE](LICENSE) file or [GNU GPLv3](https://www.gnu.org/licenses/gpl-3.0.en.html) for details.