Vulnerability Intelligence Platform

CVE hits the wire. Your team already knows.

CVEFeed monitors the software products you depend on and delivers real-time vulnerability alerts via email, Slack, or webhooks—enriched with EPSS, CVSS, KEV, and CWE context so your team can prioritize what actually matters.

Start Free API Docs
CVEs captured 000
Coverage 0%
Try it: grab the floating CVEs and drag them into the shield—a taste of what continuous monitoring feels like.
All captured. In production, CVEFeed does this 24/7 for your entire stack.
Alert routing
Push critical findings to email, Slack, Teams, Jira, or webhooks from one watchlist.
Priority context
Overlay EPSS, CVSS, KEV, and CWE signals so noisy CVEs do not bury urgent ones.
Project scoping
Track each stack separately with scoped API tokens, memberships, and per-project alerting.
Mouse magnet active
Step 1 Subscribe to your software products.
Step 2 We monitor CVE feeds 24/7.
Step 3 Get alerted the moment a vuln drops.
0
CVEs Tracked
0
New Today
0
Products Monitored
0
Vendors Indexed
Capabilities

Everything you need to stay
ahead of threats

From raw CVE data to actionable intelligence — one platform built for security teams.

Real-Time CVE Monitoring

Continuous ingestion from NVD, CISA KEV, and vendor advisories. New CVEs appear within minutes of publication.

Multi-Project Workspaces

Organize software stacks into projects. Invite team members, assign roles, and manage subscriptions per project.

Smart Alert Routing

Route alerts to email, Slack, Microsoft Teams, Jira, or webhook endpoints. Filter by severity, EPSS score, or exploit status.

EPSS Exploit Predictions

Exploit Prediction Scoring System data on every CVE. Prioritize patching by real-world exploitation probability.

Scoped API Tokens

Project-scoped API tokens with granular resource permissions. Integrate CVE data into your CI/CD, SIEM, or tooling.

CWE & CAPEC Intelligence

Deep-linked weakness and attack pattern databases. Understand the root cause and threat model behind every CVE.

How it works

Three steps to continuous
vulnerability awareness

1

Define Your Stack

Create a project and subscribe to the vendors and products your organization depends on.

2

Connect Your Channels

Wire up Slack, Microsoft Teams, Jira, webhook endpoints, or email. Choose severity levels and EPSS thresholds that trigger alerts.

3

Stay Ahead

Get notified the moment a new CVE affects your stack. Drill into CVSS, exploits, KEV status, and CWE context.

Developer API

Build on CVEFeed

RESTful API with project-scoped tokens, resource-level permissions, and tier-based rate limits.

  • Scoped Bearer Tokens Fine-grained read/write/admin scopes per resource. Hashed storage with prefix-based lookup.
  • CVEQL Query Language Threat-hunting queries across the CVE corpus. Filter by CVSS, EPSS, vendor, CWE, and date ranges.
  • Webhook Delivery Logs Full delivery audit trail with retry logic and request/response payloads for debugging.
cveql_hunt.py 200 OK 
# Hunt weaponized vulns in your stack with CVEQL
import requests

# CVEQL: SQL-like query language for the entire CVE corpus
query = """
    cvss_score >= 9.0
    and epss_scores.score >= 0.85
    and products.vendor.name in ("apache", "microsoft")
    and is_cisa_kev = True
    and published >= "2026-01-01"
"""

response = requests.post(
    "https://api.cvefeed.io/api/cveql/search/",
    headers={"Authorization": "Bearer cvf_proj_..."},
    json={"query": query, "page_size": 10},
)

for cve in response.json()["results"]:
    print(
        cve["id"],
        cve["severity"],
        cve["latest_epss"]["score"],
        cve["cisa_kev_detail"][0]["known_ransomware_campaign_use"],
    )
# CVE-2026-21985  CRITICAL  0.94  Known
# CVE-2026-4412   CRITICAL  0.91  Unknown
Pricing

Start free, scale as you grow

Every plan includes the full CVE database, EPSS data, and email alerts.

Free
For individual researchers
$0
Forever free
  • 1 project
  • 10 product subscriptions
  • 1 team member
  • Email alerts
  • 30 API req/min
  • 10 CVEQL req/min
  • Webhook alerts
  • Slack integration
  • Microsoft Teams
  • Advanced API
  • RBAC
  • Two-Factor Auth (MFA)
  • Activity log
  • 1-1 support
Get Started
Starter
For small teams
$15/mo
Billed monthly
  • 3 projects
  • 20 product subscriptions
  • 3 team members
  • Email alerts
  • 90 API req/min
  • CVEQL
  • Webhook alerts
  • Slack integration
  • Microsoft Teams
  • Advanced API
  • RBAC
  • Two-Factor Auth (MFA)
  • Activity log
  • 1-1 support
Sign Up to Try
Pro
For security teams
$50/mo
Billed monthly
  • 5 projects
  • 100 product subscriptions
  • 5 team members
  • Email + Webhook alerts
  • 180 API req/min
  • 30 CVEQL req/min
  • Webhook alerts
  • Advanced API
  • RBAC
  • Slack integration
  • Microsoft Teams
  • Two-Factor Auth (MFA)
  • Activity log
  • 1-1 support
Sign Up to Try
Enterprise
For organizations at scale
$100/mo
Billed monthly
  • 10 projects
  • 1,000 subscriptions
  • 10 team members
  • Email + Webhook alerts
  • 720 API req/min
  • 40 CVEQL req/min
  • Webhook alerts
  • Advanced API
  • RBAC
  • Slack integration
  • Microsoft Teams
  • Two-Factor Auth (MFA)
  • Activity log
  • 1-1 support
Sign Up to Try
Integrations

Fits into your existing workflow

Slack

Slack

Instant CVE alerts in any channel

Webhooks

Webhooks

Push events to your own endpoints

Splunk

Splunk

CVEFeed app on Splunkbase

Microsoft Teams

Adaptive Card alerts in Teams channels

Jira

Create issues from CVE alerts automatically

RSS Feeds

Subscribe via any RSS reader

Chrome Extension

CVE lookup right from your browser

Stop chasing CVEs.
Let them come to you.

Join security teams who rely on CVEFeed for continuous vulnerability intelligence. Free forever, upgrade when ready.

Create Free Account Read the Docs
We use cookies to improve your experience and analyze site usage. Privacy Policy

Cookie Preferences

Choose which cookies you'd like to allow. Essential cookies are always active.

Essential Always active
Required for the site to function. Includes session, security, and load-balancing cookies.
Analytics
Help us understand how visitors use the site so we can improve it. Data is aggregated and anonymous.