https://github.com/opencve/opencve

Open-source CVE monitoring and alerting platform
https://github.com/opencve/opencve

cve cybersecurity django infosec mitre nvd python security-tools vulnerabilities vulnerability-management

Last synced: 13 days ago
JSON representation

Open-source CVE monitoring and alerting platform

• Host: GitHub
• URL: https://github.com/opencve/opencve
• Owner: opencve
• License: other
• Created: 2020-09-24T20:07:03.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2025-04-27T20:40:06.000Z (14 days ago)
• Last Synced: 2025-04-28T12:12:08.643Z (13 days ago)
• Topics: cve, cybersecurity, django, infosec, mitre, nvd, python, security-tools, vulnerabilities, vulnerability-management
• Language: Python
• Homepage: https://www.opencve.io
• Size: 10.5 MB
• Stars: 1,979
• Watchers: 42
• Forks: 255
• Open Issues: 73
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

• awesome-hacking-lists - opencve/opencve - CVE Alerting Platform (Python)
• awesome-starred - opencve/opencve - CVE Alerting Platform (security)

README

        


  





  

  

  





  

  

  

  

  

  



----------------

Try **for free** OpenCVE on [https://www.opencve.io](https://www.opencve.io) or check [documentation](https://docs.opencve.io) to install it yourself.

## What is OpenCVE

OpenCVE is a platform designed to help you **manage and monitor** the CVE database. It synchronizes the list of CVE (Common Vulnerabilities and Exposures) and allows you to **search, filter, and organize** them based on various criteria.

Users can **subscribe** to specific vendors or products and **receive notifications** when a new CVE is added or an existing one is updated. These notifications can be delivered via **Email or Webhook** (additional notification methods, such as **Slack**, are planned for future releases).

OpenCVE cross-references information from multiple reliable sources such as **MITRE**, **Vulnrichment**, **NVD**, and **RedHat**. This ensures that the vulnerability data remains accurate and up-to-date, even if one of the sources is temporarily unavailable.

## Features

- **Explore** the CVE database and filter the results by Vendor, Product, CVSS score or CWE

- **Subscribe** to vendors and products extracted from CPE

- **Organize** your subscription in your organizations and your projects

- **Invite** other members into your organizations

- **Be notified** for new CVE and for CVE updates based on subscriptions

- **Analyse** all CVE details (vendors, products, CVSS score, CPE, CWE, References...)

- **Create** custom tags (unread, important, devteam...) to organize the CVE list

- **Display** the history of each CVE and see their last changes in the homepage

- **Retrieve** the last changes in custom reports

- **Customize** the notification settings (type of change, filter by score...)

- **Integrate** OpenCVE with your own tools using the Webhook notification or the Rest API

You can use **for free** these features on the public instance: [https://www.opencve.io](https://www.opencve.io).

## How to Use OpenCVE

1. **Self-Hosted**: You can install and configure OpenCVE on your own server using Docker. This provides full control over your instance.

2. **SaaS Version**: Alternatively, you can use the hosted version of OpenCVE, available at [https://www.opencve.io](https://www.opencve.io). This option requires no setup and is ready to use out of the box.

You can explore the [documentation](https://docs.opencve.io) for detailed instructions like the installation, the notifications configuration or the API usage.