https://github.com/vulnerability-lookup/vulnerability-lookup
Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
- Host: GitHub
- URL: https://github.com/vulnerability-lookup/vulnerability-lookup
- Owner: vulnerability-lookup
- License: agpl-3.0
- Created: 2022-11-30T09:44:17.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-03-25T10:59:24.000Z (about 2 months ago)
- Last Synced: 2025-03-25T11:36:30.985Z (about 2 months ago)
- Topics: cvd, cvd-policy, cve, vulnerability-databases, vulnerability-lookup
- Language: HTML
- Homepage: https://www.vulnerability-lookup.org
- Size: 6.28 MB
- Stars: 222
- Watchers: 15
- Forks: 18
- Open Issues: 22
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.md
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
- Authors: AUTHORS
README
# Vulnerability-Lookup
Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources,
independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
Vulnerability-Lookup is also a collaborative platform where users can comment on security advisories and create bundles.

A Vulnerability-Lookup instance operated by [CIRCL](https://www.circl.lu)
is available at [https://vulnerability.circl.lu](https://vulnerability.circl.lu).

## Main features
- **API**: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
- **Feeders**: Modular system to import vulnerabilities from different sources.
- **CVD process**: Creation, editing and fork/copy of Security Advisories with the [vulnogram editor](https://github.com/Vulnogram).
  Support for a local vulnerability source per Vulnerability-Lookup instance.
- **Sightings**: Users can add observations to vulnerabilities with different types of sightings, such as:
  *seen*, *exploited*, *not exploited*, *confirmed*, *not confirmed*, *patched*, and *not patched*.
- **Comments**: Ability to add, review and share comments on vulnerability advisories.
- **Bundles**: Ability to create bundles of vulnerability advisories with a description.
- **RSS/Atom**: Extensive RSS and Atom support for vulnerabilities and comments.
- **EPSS**: Integration of the Exploit Prediction Scoring System.
- **Track vulnerabilities** with your custom product watch lists and receive email notifications.

For more information, refer to the [user manual](https://www.vulnerability-lookup.org/user-manual/)
or the [documentation](https://www.vulnerability-lookup.org/documentation).

## Sources and Feeders
- [CISA Known](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) exploited vulnerability DB (via HTTP).
- NIST NVD CVE importer (via API 2.0), [Fraunhofer FKIE](https://github.com/fkie-cad/nvd-json-data-feeds) NVD.
- [CVEProject - cvelist](https://github.com/CVEProject/cvelist) (via git submodule repository).
- Cloud Security Alliance - [GSD-Database](https://github.com/cloudsecurityalliance/gsd-database/) (via git submodule repository).
- GitHub [Advisory Database](https://github.com/github/advisory-database) (via git submodule repository).
- PySec [Advisory Database](https://github.com/pypa/advisory-database) (via git submodule repository).
- [OpenSSF Malicious Packages](https://github.com/ossf/malicious-packages) (via git submodule repository)
- Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, NCSC-NL, Microsoft.
- [VARIoT](https://www.variotdbs.pl/vulns/) IoT vulnerabilities database.
- [JVN iPedia](https://jvndb.jvn.jp), Japan database of vulnerability countermeasure information.
- [Tailscale](https://tailscale.com/security-bulletins) security bulletins.
- [CWE](https://cwe.mitre.org) (Common Weakness Enumeration) and [CAPEC](https://capec.mitre.org) (Common Attack Pattern Enumeration and Classification)

## Sighting Sources
Vulnerability-Lookup facilitates the recording of vulnerability sightings, regardless of whether they have been published by a source.
A suite of sighting clients is already available to support this functionality:

Our tools on the Python Package Index (PyPI):
| Tool | Description |
| ------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [ShadowSight](https://pypi.org/project/ShadowSight) | A client that retrieves vulnerability observations from The Shadowserver Foundation and pushes them to a Vulnerability-Lookup instance. |
| [FediVuln](https://pypi.org/project/FediVuln) | A client to gather vulnerability-related information from the Fediverse. |
| [BlueSkySight](https://pypi.org/project/BlueSkySight) | A client to gather vulnerability-related information from Bluesky. |
| [MISPSight](https://pypi.org/project/MISPSight) | A client that retrieves vulnerability observations from a MISP server and pushes them to a Vulnerability-Lookup instance. |
| [NucleiVuln](https://pypi.org/project/NucleiVuln) | A client that retrieves vulnerability-related observations from the Nuclei Git repository of templates and pushes them to a Vulnerability-Lookup instance. |
| [ExploitDBSighting](https://pypi.org/project/ExploitDBSighting) | A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance. |
| [KEVSight](https://pypi.org/project/KEVSight) | A client to generate sightings for Vulnerability-Lookup from the Known Exploited Vulnerabilities (KEV) catalog. |
| [GistSight](https://pypi.org/project/GistSight) | A client for gathering vulnerability-related information from GitHub Gists. |

If you want to create your own sighting tool, it's recommended to use [PyVulnerabilityLookup](https://github.com/vulnerability-lookup/PyVulnerabilityLookup),
a Python library to access Vulnerability-Lookup via its REST API.

## Installation
Generally speaking, requirements are the following:
- Recent version of Python 3.10
- Recent version of Poetry
- [Kvrocks database](https://github.com/apache/kvrocks)

[Installation instructions](https://www.vulnerability-lookup.org/documentation/installation.html) are available in the documentation.
## Architecture

## License
Vulnerability-Lookup is free software released under the "GNU Affero General Public License v3.0".
~~~
Copyright (c) 2023-2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (c) 2023-2025 Alexandre Dulaunoy - https://github.com/adulau
Copyright (c) 2023-2025 Raphaël Vinot - https://github.com/Rafiot
Copyright (c) 2024-2025 Cédric Bonhomme - https://github.com/cedricbonhomme
~~~