<p align="center"> <img src="assets/cvemate-color.png" alt="CveMate logo" width="200" /> </p> <h1 align="center">CveMate</h1> <p align="center"> <strong>Simple, yet powerful vulnerability intelligence at your fingertips</strong> </p> <p align="center"> <a href="#features">Features</a> • <a href="#risk-scoring">Risk Scoring</a> • <a href="#roadmap">Roadmap</a> • <a href="#getting-started">Getting Started</a> • <a href="#contributing">Contributing</a> • <a href="#license">License</a> </p>

Overview

🎯 CveMate transforms vulnerability management by unifying critical security intelligence into a single, elegant platform. Security teams can now access comprehensive vulnerability data without the complexity of managing multiple disparate sources.

Getting Started

🚀 Visit cvemate.com to begin streamlining your vulnerability management workflow.

Features

✨ Explore the platform capabilities that centralize your vulnerability intelligence.

Unified Intelligence Hub

Access everything in one place:

📊 Comprehensive Vulnerability Data - Complete CVE information and details
🎯 Exploitability Markets - Real-world exploit availability tracking
📈 EPSS Scores - Exploit Prediction Scoring System for risk prioritization
🛡️ CISA KEV Integration - Known Exploited Vulnerabilities catalog
📦 Product & Package Mapping - Affected software and version tracking

Advanced Threat Intelligence

🌐 Multi-Source Enrichment - Aggregated data from leading exploit databases
🔍 Darkweb Monitoring (Experimental) - Early warnings from underground forums
⚡ Real-time Updates - Stay ahead of emerging threats

Risk Scoring

📊 CveMate calculates an Overall Risk Score (0-100) for each vulnerability by combining multiple threat indicators.

The score is further adjusted by conditional rules that handle specific threat scenarios like active exploitation campaigns, AI-detected emergencies, and critical severity combinations.

Read the full scoring methodology →

Roadmap

🗺️ Upcoming features and improvements planned for CveMate.

Vote for features! Take the Roadmap Poll to help prioritize what gets built next.

Enhanced Asset Inventory

[ ] 🏭 Vendor Database - Comprehensive vendor information and tracking
[ ] 📦 Product Catalog - Detailed product database with version mapping
[ ] ⏰ End-of-Life Tracking - EOL dates and support lifecycle information

Developer & Integration Tools

[ ] 🔌 GraphQL API Access - Programmatic access to vulnerability intelligence

SBOM Scanner

[ ] 📋 Vulnerability Analysis - Scan SBOMs for known vulnerabilities
[ ] 💥 Exploitability Assessment - Real-world exploit availability for SBOM components
[ ] ⏰ Product EOL Information - End-of-life status for software in your inventory
[ ] 📊 Risk Scoring - Comprehensive scoring for prioritization

Contributing

🤝 Your contributions help make vulnerability management better for everyone.

How You Can Help

🐛 Report bugs - Help us improve stability
💡 Suggest features - Share your ideas for new capabilities

Open an issue or contribute: github.com/pl0psec/cvemate.com/issues

Community

💬 Join our growing community of security professionals who are simplifying their vulnerability management workflows with CveMate.

License

⚖️ This project is licensed under the terms specified in LICENSE.md.

Acknowledgments

🙏 CveMate is a passion project maintained during spare time. Special thanks to all contributors and the security community for their invaluable feedback and support.

Cvemate.com

Install / Use

README