CVE Watcher
Sitemap Privacy Security.txt Open CVE Console

Credits

Data sources

This website uses public security data sources. Always review each provider's terms, rate limits and attribution requirements before public or commercial use.

This product uses the NVD API but is not endorsed or certified by the NVD.

NVD data is used to search, display and analyze CVE information. This site may combine or enrich CVE records with other sources such as CVE List v5, OSV.dev, FIRST EPSS, CISA KEV, optional Vulners/Tenable connectors and local backend-only manual notes. Any enrichment, prioritization, color coding, grouping or local note shown on this website is produced by this application and should not be represented as NVD-provided content.

CVE List v5 / CVE.org

Fast official CVE records from the CVE Program repository. Used for newest CVE visibility before every record is fully enriched by NVD.

  • Enabled by default.
  • No API key is required.
  • Best suited for showing newly published or recently changed CVE records.

NVD / NIST CVE API

Main source for CVE descriptions, CVSS data, CPE-based OS matching and keyword search. The NVD name is used only to identify the source of API content.

  • Do not imply NVD or NIST endorsement, certification or approval.
  • Do not share an NVD API key with other people or organizations.
  • Respect NVD rate limits and cache responses where possible.
  • If data is modified, enriched or re-prioritized, label that output as application-derived.

OSV.dev API

Package and ecosystem vulnerability data, especially useful for Linux packages and open-source dependencies.

  • Enabled by default.
  • No API key is required.
  • Used when a service/package is selected, such as NGINX, OpenSSL, Apache HTTPD, MySQL or PHP.

FIRST EPSS API

Exploit Prediction Scoring System data used to estimate exploitation likelihood. EPSS values are shown as prioritization context, not as a replacement for technical validation.

CISA KEV Catalog

Known Exploited Vulnerabilities data used to highlight CVEs that have evidence of exploitation in the wild.

How source data is shown

CVE descriptions and scoring may originate from NVD, CVE List v5, OSV.dev or another selected source. Priority labels, colors, local manual notes, combined risk summaries and any internal recommendations are generated by this application. They are not endorsements, certifications or official recommendations from NVD, NIST, CVE.org, OSV.dev, FIRST, CISA, Vulners or Tenable.

For operational use, verify critical findings against the original advisory and your own affected software versions before making production changes.