Vulnerability-Lookup 4.1.0 released

We are excited to announce the release of Vulnerability-Lookup 4.1.0!
This version brings new features, improvements, and several bug fixes.

What’s New

Full-text search with Meilisearch

You can now enable full-text search on your Vulnerability-Lookup instance. This new feature relies on Meilisearch and the Vulnerability-Lookup event-stream. The indexer subscribes to the appropriate topic and receives all new and updated vulnerabilities pushed through the Valkey event-stream. This is the event-stream used by FediVuln in order to push notifications from a Vulnerability-Lookup instance to the Fediverse.

Meilisearch pub/sub architecture

A documentation is available.

Full-text search by product

Full-text search by CVSS

Full-text search by commit ID

Full-text indexer monitoring

New full-text search API endpoint

A new endpoint at /api/vulnerability/fulltext is now available for programmatic full-text searches. (9cdac1c)

Full-text search API

Better monitoring for email notifications

Email notifications are now monitored using Valkey. (7e3c26f)

New importers for Haskell, OCaml, and AlmaLinux

You can now import vulnerabilities from three additional ecosystems:

  • Haskelld4ddbe9
  • OCaml3596b73
  • AlmaLinux – A new feeder to automatically gather AlmaLinux vulnerabilities. 3e23c53

New sources

Sightings table recency boost

You can now toggle a “recency boost” in the sightings table to highlight the latest vulnerability activity. (e966a70)

Sightings recency boost

Improvements

  • Streamlined admin interface for users and bundles for a more consistent experience.
    2b1cc87 | 20912ac
  • Adjusted how recent sightings are weighted to better reflect activity trends.
    a8dc7f3

Fixes

  • Improved stability in real-time streams and email notifications.
    95c249a | fdf1a2f
  • Corrected pagination and comment display in the API.
    6003ad1
  • Fixed issues with sending emails when templates failed and case-sensitive IDs in certain feeds.
    7f97222 | d87cc46 | bf0b8ba

Changelog

📂 For the full list of changes, check the GitHub release:
https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v4.1.0

🙏 Thank you to all contributors and testers! Escpecially to Niclas Dauster for the full-text search feature. And to Raphaël Vinot for the new sources.

Feedback and Support

If you encounter any issues or have suggestions, please open a ticket on our GitHub repository:
https://github.com/vulnerability-lookup/vulnerability-lookup/issues/
Your feedback is always appreciated!

Follow Us on Fediverse/Mastodon

Stay updated on security advisories in real time by following us on Mastodon:
https://social.circl.lu/@vulnerability_lookup/