The Correlated CVE Vulnerability And Threat Intelligence Database API

OSINT tool - gets data from services like shodan, censys etc. in one app

Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

"Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting" by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O'Reilly

Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions

Repository for "SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques" published in MSR4P&S'22.

FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries.

AI-native security auditor on AgentField that proves exploitability with verdicts, traces, and actionable evidence.

A search engine on information delivered by OSINT sources to support Vulnerability Assessment

The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).

A modular MCP server providing AI-driven vulnerability management skills, including severity classification and automated insights.

Scripts for downloading and importing CVE json feeds into Neo4j

Python tool to check your Android kernel for missing CVE patches.

A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.

To collect and combine all JSON vulnerability feeds from NIST's National Vulnerability Database with matching Exploit Database ID

A collection of scripts that can detect CWE automatically. Based on Ghidra.

Proof of Concept: CVE-2026-24061 is a critical authentication bypass vulnerability in GNU inetutils-telnetd allowing unauthenticated remote attackers to gain instant root shell access via malicious NEW_ENVIRON telnet option exploitation.

Downloads CWE and CVE files, then simplify data and saves them as json files. cwe.json file has all the data, CVEs are divided in files named after CWE. Library for sarenka app.

Visualization of CWE tree structure & navigation between weaknesses