Spyke

Syndicated from the fediverse. Read and engage on the original instance.

View original on lemmy.ml
securityΒ·SecuritybyCedric

πŸš€ Vulnerability-Lookup 5.4.0 is out β€” and it speaks VEX!

Vulnerability-Lookup now ingests Red Hat's per-CVE CSAF VEX documents and attaches them straight to the vulnerabilities you're already tracking. Which products are affected? Which are fixed? Which were never affected at all? One glance at the new VEX tab β€” or the EPSS-style VEX badge right in the vulnerability header β€” and you know.

No more digging through vendor advisories to answer "does this CVE actually matter to us?" πŸ”Ž

Also in this release:

βœ… New /api/vex endpoints β€” VEX data, fully machine-readable πŸ” Per-user enable/disable of CNA publication, with a dedicated admin overview πŸ“¬ Admin overview for KEV catalog e-mail subscriptions + richer digest e-mails (entry titles, affected vendors & products) πŸ› οΈ A batch of feeder robustness fixes β€” no more full re-imports or notification storms after a partial download failure

Vulnerability-Lookup is open source, and you can run your own instance today (https://www.vulnerability-lookup.org/documentation/installation.html).

πŸ‘‰ Release post: https://www.vulnerability-lookup.org/2026/07/10/vulnerability-lookup-5-4-0/

⭐ GitHub: https://github.com/vulnerability-lookup/vulnerability-lookup

Feel free to create an account on the instance operated by CIRCL: πŸ‘‰ https://vulnerability.circl.lu/user/signup

πŸ“š References

Source code: https://github.com/vulnerability-lookup/vulnerability-lookup

Examples:

πŸ’ΆπŸ‡ͺπŸ‡Ί Funding

Vulnerability-Lookup is co-funded by CIRCL and by the European Union through the #NGSOTI project.

More information from the Restena Foundation: https://www.restena.lu/en/project/ngsoti

#VulnerabilityManagement #VEX #CSAF #CVE #OpenSource #CyberSecurity #ThreatIntelligence

View original on lemmy.ml
5

No replies yet

No comments on the original post yet.
πŸš€ Vulnerability-Lookup 5.4.0 is out β€” and it speaks VEX! | Spyke