mirror of
https://github.com/vulnerability-looku/vulnerability-lookup.git
synced 2025-07-16 14:32:30 +00:00
Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
https://www.vulnerability-lookup.org
b6ddf3d7b0
Some checks failed
CodeQL / Analyze (push) Has been cancelled
MyPy / Python 3.12 sample (push) Has been cancelled
API Test / Python 3.10 sample (push) Has been cancelled
API Test / Python 3.11 sample (push) Has been cancelled
API Test / Python 3.12 sample (push) Has been cancelled
API Test / Python 3.13 sample (push) Has been cancelled
Models Tests / Python 3.10 sample (push) Has been cancelled
Models Tests / Python 3.11 sample (push) Has been cancelled
Models Tests / Python 3.12 sample (push) Has been cancelled
|
||
|---|---|---|
| .github | ||
| bin | ||
| cache | ||
| config | ||
| docs | ||
| etc | ||
| logs | ||
| storage | ||
| tests | ||
| tools | ||
| vulnerabilitylookup | ||
| website | ||
| .editorconfig | ||
| .env.sample | ||
| .gitignore | ||
| .gitmodules | ||
| .pre-commit-config.yaml | ||
| AUTHORS | ||
| CHANGELOG.md | ||
| CODE_OF_CONDUCT.md | ||
| docker-compose.yml | ||
| Dockerfile | ||
| LICENSE.md | ||
| mypy.ini | ||
| new_source.md | ||
| poetry.lock | ||
| pyproject.toml | ||
| README.md | ||
| run.sh | ||
| SECURITY.md | ||
Vulnerability-Lookup
Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD). Vulnerability-Lookup is also a collaborative platform where users can comment on security advisories and create bundles.
A Vulnerability-Lookup instance operated by CIRCL is available at https://vulnerability.circl.lu.
Main features
- API: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
- Feeders: Modular system to import vulnerabilities from different sources.
- CVD process: Management of Security Advisories and Vulnerability Disclosures.
- Support of local vulnerability source per Vulnerability-Lookup instance.
- Global CVE Allocation System: Support of the Global CVE Allocation System (GCVE).
- Sightings: Users have the possibility to add observations to vulnerabilities with different types of sightings, such as: seen, exploited, not exploited, confirmed, not confirmed, patched, and not patched.
- Comments: Ability to add, review and share comments on vulnerability advisories.
- Bundles: Possibility to create bundles of vulnerability advisories with a description.
- RSS/Atom: An extensive RSS and Atom support for vulnerabilities and comments.
- EPSS: Integration of the Exploit Prediction Scoring System.
- Track vulnerabilities with your custom product watch lists and receive email notifications.
For more information, refer to the user manual or the documentation.
Sources and Feeders
- CISA Known exploited vulnerability DB (via HTTP).
- NIST NVD CVE importer (via API 2.0), Fraunhofer FKIE NVD.
- CVEProject - cvelist (via git submodule repository).
- Cloud Security Alliance - GSD-Database (via git submodule repository).
- GitHub Advisory Database (via git submodule repository).
- PySec Advisory Database (via git submodule repository).
- OpenSSF Malicious Packages (via git submodule repository)
- Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, NCSC-NL, Microsoft.
- VARIoT IoT vulnerabilities database.
- JVN iPedia, Japan database of vulnerability countermeasure information.
- Tailscale security bulletins.
- CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification)
Sighting Sources
Vulnerability-Lookup facilitates the recording of vulnerability sightings, regardless of whether they have been published by a source. A suite of sighting clients is already available to support this functionality:
Our tools on the Python Package Index (PyPI):
| Tool | Description |
|---|---|
| ShadowSight | A client that retrieves vulnerability observations from the The Shadowserver Foundation and pushes them to a Vulnerability-Lookup instance. |
| FediVuln | A client to gather vulnerability-related information from the Fediverse. |
| BlueSkySight | A client to gather vulnerability-related information from Bluesky. |
| MISPSight | A client that retrieves vulnerability observations from a MISP server and pushes them to a Vulnerability-Lookup instance. |
| NucleiVuln | A client designed to retrieve vulnerability-related observations from the Nuclei Git repository of templates and pushes them to a Vulnerability-Lookup instance. |
| ExploitDBSighting | A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance. |
| KEVSight | A client to generate sightings for Vulnerability-Lookup from the Known Exploited Vulnerabilities (KEV) catalog. |
| GistSight | A client for gathering vulnerability-related information from GitHub Gists. |
If you want to create your own sigthing tool, it's recommended to use PyVulnerabilityLookup, a Python library to access Vulnerability-Lookup via its REST API.
Installation
Generally speaking, requirements are the following:
- Recent version of Python 3.10
- Recent version of Poetry
- Kvrocks database
Installation instructions are available in the documentation.
Architecture
License
Vulnerability-Lookup is free software released under the "GNU Affero General Public License v3.0".
Copyright (c) 2023-2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (c) 2023-2025 Alexandre Dulaunoy - https://github.com/adulau
Copyright (c) 2023-2025 Raphaël Vinot - https://github.com/Rafiot
Copyright (c) 2024-2025 Cédric Bonhomme - https://github.com/cedricbonhomme