OpenCVE is a Vulnerability Intelligence Platform that helps you monitor and manage CVEs efficiently.

It aggregates vulnerabilities from multiple sources (MITRE, NVD, RedHat, Vulnrichment...) and lets you filter, track, and organize them by vendor, product, severity, and more.

You can subscribe to products, receive alerts, analyze changes, and collaborate with your team — all through a simple and powerful interface. Assign members to CVEs to track progress (e.g. under analysis, risk accepted) and keep everyone aligned.

• Filter CVEs by vendor, product, CVSS, KEV, EPSS, CWE, publication date, and more.
• Subscribe to vendors and products, and organize your monitoring with projects and organizations.
• Save complex filters as reusable Views.

• Classify CVEs with custom tags (e.g. unread, critical, assigned-to-dev).
• Assign users and statuses to CVEs to track progress (under analysis, risk accepted, etc.).
• Receive alerts instantly via email or webhook (Slack and Teams coming soon).

• Access the complete change history of CVEs: scores, descriptions, references, etc.
• Generate daily reports by project to stay ahead.
• Get AI-powered report summaries to see priorities and immediate actions at a glance.

• Create multiple dashboards to organize your work the way you want.
• Build your own dashboard with widgets like "CVEs per project" or "Recent Reports".
• Drag, resize, and save layouts per organization.

• Our in-house AI analyzes every new CVE and extracts associated vendors and products, even when they weren’t explicitly mentioned by the CVE authors.
• So users can subscribe and filter by vendor/product with confidence and never miss a relevant vulnerability.

Use the hosted version at https://www.opencve.io — no setup required.

Run OpenCVE on your own infrastructure using Docker. See the installation guide for more details.

OpenCVE is actively developed and regularly improved.

⭐ Star this repository and 🔔 watch releases to be notified of future updates.