Know which vulnerabilities
actually matter to you.
Discover what's hijacking Juanpao JPShop APIs
A live database of 347.2K vulnerabilities — 65.4K linked to public exploit code and 1.6K confirmed exploited (CISA KEV). Continuously synced from NVD, GHSA, CISA KEV, and CSAF advisories — enriched with EPSS scores, exploit links, Nuclei & OpenVAS scanner checks, and MITRE ATT&CK mappings. Ranked by real-world exploitation, and filtered to the software you actually run.
Every day, security information is published everywhere.
Vulnerability intelligence lives in dozens of places at once — each with its own format, feed and update cadence.
Having all these sources isn't the problem. Bringing them together — and knowing what actually matters — is.
What's discussed now
Out of everything published across those sources today, this is what the security world is actually talking about — ranked by what matters. Pick any CVE to see the full picture.
- 1CVE-2026-56164KEVNEWin-the-wildKEV added
Microsoft SharePoint Server Elevation of Privilege Vulnerability
5.3100 - 2CVE-2026-56155KEVNEWin-the-wildKEV added
Active Directory Federation Services Elevation of Privilege Vulnerability
7.885 - 3CVE-2026-50661NEWin-the-wildexplain
Windows BitLocker Security Feature Bypass Vulnerability
6.169 - 4CVE-2026-55008NEWin-the-wildexploit clicks
Microsoft Exchange Server Spoofing Vulnerability
9.665 - 5CVE-2026-55040NEWin-the-wildviews
Microsoft SharePoint Server Security Feature Bypass Vulnerability
9.162 - 6CVE-2026-57092NEWin-the-wildexplain
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
9.961 - 7CVE-2026-50522NEWin-the-wildexplain
Microsoft SharePoint Remote Code Execution Vulnerability
9.858 - 8CVE-2026-58644NEWin-the-wildexplain
Microsoft SharePoint Remote Code Execution Vulnerability
9.852 - 9CVE-2026-15410KEVNEWin-the-wildKEV added
Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could ...
7.252 - 10CVE-2026-15409KEVNEWin-the-wildKEV added
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make...
10.052
Multiple intelligence sources, one place.
We collect, connect and enrich every source into a single page per CVE. No ten open tabs.
Everything you need about a vulnerability.
One CVE. Every source we track about it — joined on a single page.
A single page that joins every source below — no ten tabs, no manual research.
Find exploitable CVEs in milliseconds
KEV, exploits, EPSS, CWE, vendor, attack vector — combine any filter over 250K+ CVEs. Sub-50ms.
Stop scanning 250,000 CVEs.
Watch the ones that matter to you.
Import the software you run and get a live feed of exploited vulns, KEV entries and public exploits for your exact products — then act on the few that matter and defer the rest with a defensible record.
- Import onceHost scan, SBOM, or a single CLI command — cvetools resolves your software to canonical products.
- Only what hits youPer-product CVE, CISA-KEV and public-exploit counts — ranked, no 250K-row noise.
- Decide with proofAct on the few that meet your cut-line, defer the rest with a frozen audit trail — and they auto-escalate if they cross the line.
- Told when it mattersGet alerted the moment a new exploited vulnerability lands on something you run.
You track CVEs. Do you know which of your systems are exposed to them right now?
A free external review — from the attacker's side. We map your exposed services, forgotten systems and employee passwords found in breaches. No install, no access to your systems, no obligation.
Just your primary domain to begin · reviewed by practicing pentesters
Search finds a page. cve.tools gives you the whole picture.
All numbers are live. Our sync pipeline pulls vulnerability data from CVEProject, NVD, GHSA, CISA KEV, CSAF advisories, and other authoritative sources — enriched and scored automatically.
Everything you need to work with vulnerabilities
CVE Tools is not just a database — it's a complete vulnerability intelligence workstation. Every CVE is enriched, linked, and queryable through multiple interfaces.
Threat Radar
Threats ranked by real-world signal — exploitation, KEV, EPSS and news attention — in one Act-now queue.
My Stack — Personal Threat Console
Import the software you run and track only the CVEs, KEV entries and exploits that actually hit your products.
CVE Database
Live mirror of NVD and the official CVEProject feed with CVSS, affected products, CPEs, and CWE weaknesses.
Exploit Intelligence
Auto-linked PoCs from GitHub, ExploitDB, and Metasploit, with maturity signals on each entry.
CISA KEV Tracking
Live overlay of the Known Exploited Vulnerabilities catalog — what is actively abused and mandated to patch.
EPSS Scoring
FIRST.org exploit-probability scores on every CVE. Prioritise by likelihood, not just severity.
Scanner Coverage
Nuclei and OpenVAS detection checks mapped to specific CVEs — confirm exposure yourself, or let us scan for you.
CSAF Advisories
CISA CSAF 2.0 advisories for IT and OT/ICS, with remediation guidance and product-level severity.
Semantic Search
Sub-50ms faceted and vector search across 250K+ CVEs — by vendor, product, CWE, attack vector and more.
Trends & Sector Intelligence
Monthly trend reports and AI vendor/sector tagging — see where the threat landscape is moving.
Security News & Pulse
Curated security news with an attention layer — what the industry is actually discussing right now.
MCP, REST API & CLI
Plug in via MCP (Claude, Cursor), call the REST API from scripts, or run cvetools from your terminal.
July 2026
in numbers
One snapshot of where vulnerabilities moved this month — volume, severity, KEV velocity, top vendors and CWEs. New report on the 1st.
Open monthly report →Where the data comes from
CVE Tools aggregates, enriches, and structures vulnerability data from authoritative sources. Every record passes through our parsing, scoring, and enrichment pipeline before entering the database.
NIST National Vulnerability Database. CVSS scoring, CPE matching, and CWE classification.
Russian FSTEC vulnerability database. Independent severity assessments and remediation data.
CISA CSAF 2.0 advisories for IT and OT/ICS. Industrial control systems security guidance.
CISA Known Exploited Vulnerabilities catalog. Confirmed active exploitation in the wild.
Official CVE database from CVE Numbering Authorities. Synced from GitHub repository.
GitHub Security Advisories. OSV-format advisories with ecosystem-specific impact data.
ProjectDiscovery scanner templates. Actionable detection rules linked to CVEs.
Greenbone/OpenVAS NVT checks (by OID). Detection scripts linked to CVEs — the widest open-source scanner coverage.
OSV, VulnDB, and ZDI integrations are in development. Suggest a source you'd like to see next.
Years of vulnerability data, continuously growing
Coverage from 1999 to present, by publication year. The current year updates in real time as new vulnerabilities are published and synced.
Attack surface in real time
This graph is built from the 5 most-discussed vulnerabilities right now — the CVEs drawing the most attention across security news. It maps affected products through vulnerabilities to MITRE ATT&CK techniques and kill chain stages, showing not just what's broken, but how it could be exploited.
Latest Critical CVEs & Attack Paths
microsoft/microsoft sharepoint enterprise server 2016
Microsoft SharePoint Remote Code Execution Vulnerability
microsoft/microsoft sharepoint enterprise server 2016
Microsoft SharePoint Remote Code Execution Vulnerability
microsoft/microsoft sharepoint enterprise server 2016
Microsoft SharePoint Remote Code Execution Vulnerability
microsoft/microsoft 365 copilot for android
Microsoft Copilot Remote Code Execution Vulnerability
microsoft/minecraft bedrock dedicated server
Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability
This graph refreshes automatically as new vulnerabilities start trending across security news.
Stop checking vulnerability websites.
Start following what matters.
Free to explore. Create an account to track your stack and get alerted the moment your risk changes.