Vulnerability-Lookup

Author: CIRCL
Repository: {Github]//cve-search/vulnerability-lookup

Vulnerability-Lookup

Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD). Vulnerability-Lookup is also a collaborative platform where users can comment on security advisories and create bundles.

A Vulnerability-Lookup instance operated by CIRCL is available at https://vulnerability.circl.lu.

Features

API: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
Feeders: Modular system to import vulnerabilities from different sources.
CVD process: Creation, edition and fork/copy of Security Advisories with the vulnogram editor. Support of local vulnerability source per Vulnerability-Lookup instance.
Sightings: Users have the possibility to add observations to vulnerabilities with different types of sightings, such as: seen, exploited, not exploited, confirmed, not confirmed, patched, and not patched.
Comments: Ability to add, review and share comments on vulnerability advisories.
Bundles: Possibility to create bundles of vulnerability advisories with a description.
RSS/Atom: An extensive RSS and Atom support for vulnerabilities and comments.
EPSS: Integration of the Exploit Prediction Scoring System.

The official documentation is available here.

Sources and Feeders

CISA Known exploited vulnerability DB (via HTTP).
NIST NVD CVE importer (via API 2.0), Fraunhofer FKIE NVD.
CVEProject - cvelist (via git submodule repository).
Cloud Security Alliance - GSD-Database (via git submodule repository).
GitHub Advisory Database (via git submodule repository).
PySec Advisory Database (via git submodule repository).
OpenSSF Malicious Packages (via git submodule repository)
Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, NCSC-NL, Microsoft.
VARIoT IoT vulnerabilities database.
JVN iPedia, Japan database of vulnerability countermeasure information.
Tailscale security bulletins.
CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification)

Sighting Sources

Vulnerability-Lookup facilitates the recording of vulnerability sightings, regardless of whether they have been published by a source. A suite of sighting clients is already available to support this functionality:

MISP - A sighting client that retrieves vulnerability observations from a MISP server and pushes them to a Vulnerability-Lookup instance
Bluesky - A client to gather vulnerability-related information from Bluesky
Fediverse - A sighting client to gather vulnerability-related information from the Fediverse
Nuclei - A sighting client designed to retrieve vulnerability-related information from the Nuclei Git repository of templates.
Exploit-DB - A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance
CISA KEV - Known Exploited Vulnerabilities (KEV) catalog
RSS - Newspipe is a web news aggregator capable to detect various types of security advisories within articles.
GitHub Gists - we are monitoring public Gists on Github with the tool GistSight.

If you want to create your own sigthing tool, it’s recommended to use PyVulnerabilityLookup, a Python library to access Vulnerability-Lookup via its REST API.

Installation

Requirements

Recent version of Python 3.10
Recent version of Poetry
Kvrocks database

Installation instructions are available in the documentation.

Architecture

Overview of the Vulnerability-Lookup architecture

License

Vulnerability-Lookup is free software released under the “GNU Affero General Public License v3.0”.

Copyright (c) 2023-2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (c) 2023-2025 Alexandre Dulaunoy - https://github.com/adulau
Copyright (c) 2023-2025 Raphaël Vinot - https://github.com/Rafiot
Copyright (c) 2024-2025 Cédric Bonhomme - https://github.com/cedricbonhomme