Open Source Security Alerting Platform

Based on well-known standards (CVE, CWE, CVSS, CPE...)

Explore the list of CVE

OpenCVE lets you search the CVE you want filtered by vendor, product, CVSS or CWE.

Because security is our main concern as well, everything is done to ease access to vulnerabilty warnings and let you know first.

>> Explore the list of CVE

Analyse CVE details

OpenCVE is synchronized with the feed provided by the NVD. So each CVE displays the standards you already know :

  • CVE (Common Vulnerability Enumeration)
  • CPE (Common Platform Enumeration)
  • CWE (Common Weakness Enumeration)
  • CVSS (Common Vulnerability Scoring System)

Manage your subscriptions

OpenCVE parses the CPEs of each CVE and extract the associated vendors and products.

You can then subscribe as many vendors or products as you want, and you will be notified as soon as a CVE concerning them is published or updated.

Custom dashboard and reports

Your dashboard only includes the CVE associated to your subscriptions, and you can filter the list by keywords of CVSS score.

OpenCVE keeps track of the changes, so you can find the history of your alerts in your Reports page.

Email notifications

Don't miss a vulnerability disclosure anymore : you subscribe in one click on any vendors or products, and you receive an alert as soon as a CVE is published or updated.

OpenCVE formats the notifications in such a way that you can quickly see what are the affected vendors and products.

Rest API

Integrate OpenCVE with your own tools using the Rest API.

List the last CVEs per vendor, filter them by CVSS or analyse the changes in your reports.

Read the API documentation for the endpoints details.

Open source

OpenCVE has been released on Github, so you can now use it in SaaS mode or On-premise.

You want a new feature ? You discovered a bug ? Create an issue, or even better make a pull-request, the OpenCVE community will be happy to review it.

Get started to handle your security alerts

Join the OpenCVE community and start to get notified about new vulnerabilities.

Try OpenCVE for free

How it works

Subscribe to vendors

Many CVE are released every day, but you're not interested by all of them. OpenCVE allows you to filter the list by subscribing to vendors and their products (Microsoft, Cisco, Apple, Wordpress...).

Receive notifications

OpenCVE regularly fetch the list of CVE from the NVD and check your subscriptions : if an update concerns you, a notification is automatically sent. You can also choose to group the alerts and send them once a day.

Analyse the CVE

You just receive an alert concerning your vendors and products, it's now time to go into details to check if you're impacted : what are the vulnerable versions, what is the CVSS score, read the references links, etc.

Subscribe
Notify
Analyse

The Team

Nicolas Crocfer

Core Developer

Laurent Durnez

Sysadmin