Vulnerability Intelligence Hub

About the Project

The Vulnerability Intelligence Hub is a lightweight, client-side analytical tool designed to provide comprehensive security intelligence without the need for costly subscriptions or proprietary databases. By leveraging a decentralized architecture, the tool orchestrates real-time data retrieval from a suite of public and official cybersecurity repositories, including the National Vulnerability Database (NVD), CISA's Known Exploited Vulnerabilities (KEV) catalog, the FIRST EPSS model, and the CVE Program.

Tailored for both offensive and defensive security practitioners, the tool centralizes prioritization metrics while providing immediate access to public exploits and proof-of-concept (PoC) code.

Key Features

Frequently Asked Questions

Are you tracking me?

No, aside from basic analytics provided by Cloudflare Pages. I don't know who you are or which vulnerabilities you are looking for, and I don't care to know.

Note on Cloudflare Pages: This site uses standard Cloudflare Web Analytics, which is a privacy-first, non-invasive analytics service. It does not use cookies, does not collect personal data, and does not track users across different websites. It only provides high-level metrics like page views and browser types to help me understand site performance.

SSVC is a decision tree, why are you reaching a decision without asking me for information?

The SSVC decision is automatically calculated in "paranoid mode." For the purpose of providing immediate, actionable intelligence, the tool assumes the "Mission & Wellbeing Impact" is always High. This ensures that the suggested priority (Track, Attend, Act) leans toward safety and urgency.

SSVC is shown even if official sources don't provide it. Where is this data coming from?

I am calculating it dynamically based on the available data from other sources:

Exploitation Field

• If the CVE is in the CISA KEV catalog, it is set to Active (A).
• Else if there is at least one PoC URL, it is set to PoC (P).
• Otherwise, it defaults to None (N).

Automatable Field

The CVE is marked as Yes (Y) if the CVSS metrics match:
Attack Vector: NETWORK + Privileges Required: NONE + User Interaction: NONE + Attack Complexity: LOW.
All other conditions result in No (N).

Technical Impact Field

Marked as Total (T) if Confidentiality Impact: HIGH AND Integrity Impact: HIGH.
Otherwise, it is marked as Partial (P).
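
The three field rules above, written out as an added example (not the tool's own code). The function names, the input object shape, and the restriction to CVSS v3.x vector strings are assumptions made for illustration; the sample records are constructed.

```javascript
// Added example: derive the three SSVC inputs from the rules listed above.
// Names and input shape are hypothetical, not taken from the tool's source.

// Parse a CVSS v3.x vector string into a { metric: value } map.
// Anything that is not a v3.0/v3.1 vector yields an empty map.
function parseCvss3(vector) {
  const metrics = {};
  if (typeof vector !== "string" || !/^CVSS:3\.[01]\//.test(vector)) return metrics;
  for (const part of vector.split("/").slice(1)) {
    const [key, value] = part.split(":");
    if (key && value) metrics[key] = value;
  }
  return metrics;
}

function deriveSsvc({ inKev = false, pocUrls = [], cvssVector = null } = {}) {
  const m = parseCvss3(cvssVector);

  // Exploitation: KEV membership wins, then any PoC URL, otherwise None.
  const exploitation = inKev ? "A" : pocUrls.length > 0 ? "P" : "N";

  // Automatable: all four metrics must match. A missing metric fails the
  // comparison, so a record without a usable vector falls through to "N".
  const automatable =
    m.AV === "N" && m.PR === "N" && m.UI === "N" && m.AC === "L" ? "Y" : "N";

  // Technical Impact: Total only when both C and I are HIGH.
  const technicalImpact = m.C === "H" && m.I === "H" ? "T" : "P";

  return { exploitation, automatable, technicalImpact };
}

// Constructed sample records (placeholder IDs, not real CVEs).
const samples = [
  { id: "CVE-0000-0001", inKev: true, pocUrls: ["https://example.invalid/poc"],
    cvssVector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" },
  { id: "CVE-0000-0002", inKev: false, pocUrls: ["https://example.invalid/poc"],
    cvssVector: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" },
  { id: "CVE-0000-0003", inKev: false, pocUrls: [], cvssVector: null },
];

for (const s of samples) {
  console.log(s.id, JSON.stringify(deriveSsvc(s)));
}
```

Under the rules as stated, a record with no CVSS vector resolves to Automatable N and Technical Impact P, so a missing score lowers the derived inputs rather than raising them.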

SSVC doesn't officially have a vector; did you make that up?

Yes and no. It doesn't have an official vector string format (which is a pity), so I created one for this tool. However, it is built using official short keys derived from the CISA Coordinator framework.

I don't trust you, I want to run it on my own infrastructure.

I understand. Everything is open source. You can clone the UI from GitHub and host it yourself. You can also clone data sources from these repos:

Sometimes there's more than one CVSS score for a single CVE, but you are only showing one.

Sometimes less is more. To avoid noise, the tool prioritizes the official primary metric from the NVD and favors the most recent CVSS version (e.g., CVSS v4.0 or v3.1 over v2.0).

Where are you getting your PoCs from?

Currently, PoC research is aggregated from the following sources:
• NVD Reference Tags: Specific links tagged as "Exploit" within the official NVD record.
• Exploit-DB: Entries from the OffSec exploit database.
• GitHub: The awesome nomi-sec/PoC-in-GitHub repository.

Are you checking if the PoCs are safe?

Absolutely not. These links are provided for research and intelligence purposes only. You should never execute code found in these repositories without first manually auditing the content in a secured, isolated environment.

Neat UI, but I don't give a s**t about it. I want APIs.

Technically, this tool has no backend, which means there are no APIs to call. However, a Python library designed to mirror this retrieval logic is planned for release soon. Or maybe not.

What is the license?

Apache 2.0. In short: you can use, modify, and distribute this for personal or commercial purposes. You don't owe me anything, but you must include the original copyright notice and license text. No warranties provided—if it breaks, you own both parts. You can bore yourself with the full license here.

I found a bug or I have a suggestion to improve the tool.

Awesome. Feel free to file an issue on GitHub or reach out to me on LinkedIn.