News

The Shadowserver Foundation Honeypot Feed is now integrated as a source of sightings in Vulnerability-Lookup

 #Sightings#Honeypot#Shadowserver

We are glad to announce the immediate availability of vulnerability-related observations from The Shadowserver Foundation within Vulnerability-Lookup. This milestone wouldn’t have been possible without Piotr Kijewski. We developed a new sighting client, ShadowSight. This new client gathers vulnerability-related data directly from The Shadowserver Foundation, then reports the collected data to the Vulnerability-Lookup API as sightings. ShadowSight leverages insights on common vulnerabilities and exploited vulnerabilities from Shadowserver’s honeypot source. The source code of ShadowSight is available:

Read more →

January 22, 2025

Expanding Sources of Security Advisories and Sightings in Vulnerability-Lookup

 #Sightings#CSAF#FKIE#Microsoft#Mastodon#Bluesky

Security Advisories We’ve recently added new correlating sources for Security Advisories: Microsoft CSAF Security Advisories: https://vulnerability.circl.lu/recent#csaf_microsoft We’ve also added a new source from Fraunhofer FKIE, which provides a community reconstruction of the legacy JSON NVD Data Feeds (at the end it’s more information). This is accessible at: https://vulnerability.circl.lu/recent#fkie_nvd One of the core strengths of Vulnerability-Lookup is its ability to correlate these new sources with existing ones. For example, you can view how vulnerabilities like CVE-2025-21385 appear across multiple sources:

Read more →

January 16, 2025

Vulnerability-Lookup 2.4.0 released 🚀

 #release

We’re really thrilled to unveil Vulnerability-Lookup 2.4.0! There should have been a video here but your browser does not seem to support it. This version includes new features, new importers, improvements and fixes. The key updates are highlighted below. 🔍 New Dashboard: Quickly access the top sighted vulnerabilities from the past month with a real-time, filterable interface. 📊 New Correlations Graph: Visualize relationships between sightings for deeper insights.

Read more →

January 10, 2025

Monitoring Gists

 #Sightings#Gist#GitHub

We’re expanding our coverage to include GitHub Gists as a valuable source of vulnerability sightings! Why Gists? Gists frequently contain sensitive leaked information, such as email address lists, passwords, API keys, SSH private keys, logs, zero-day exploits, or proof-of-concept (PoC) scripts for vulnerabilities. As part of the Vulnerability-Lookup project, we are now actively monitoring their creation in order to generate sightings related to vulnerabilities in our database.

Read more →

January 7, 2025

Vulnerability-Lookup 2.3.0 released

 #release

🎉 We’re really excited to unveil Vulnerability-Lookup 2.3.0—our festive Christmas Release! 🎄🎁 It includes new features, new importers, improvements and fixes. ✨ What’s New Pub/Sub Mechanism: A streaming service implemented using a Publish/Subscribe (Pub/Sub) pattern powered by Valkey. Available channels: vulnerability, comment, bundle, and sighting. For more details, see the documentation (#92). FediVuln now supports streaming information from a Valkey Pub/Sub service or an authenticated HTTP event-stream (both provided by Vulnerability-Lookup internals) to the Fediverse. Templates are used to render statuses, with the appropriate template selected based on the channel where the event originates. CISA Vulnrichment importer (as meta for CVE): The CISA Vulnrichment project is the public repository of CISA’s enrichment of public CVE records through CISA’s ADP (Authorized Data Publisher) container. In this phase of the project, CISA is assessing new and recent CVEs and adding key Stakeholder-Specific Vulnerability Categorization (SSVC) decision points. Once scored, some higher-risk CVEs will also receive enrichment of CWE and/or CVSS data points, where possible. The web interface will highlight this information related to the CVEs in the next release More information. (#42)

Read more →

December 17, 2024

Vulnerability-Lookup 2.2.0 released

 #release

We’re delighted to announce the release of Vulnerability-Lookup 2.2.0, packed with enhancements, new features, and bug fixes. What’s New Identity: Vulnerability-Lookup now has a beautiful new logo. New Statistics Namespace: The API now offers a dedicated namespace for statistics. Two new endpoints are currently available: /api/stats/vulnerability/most_sighted /api/stats/vulnerability/most_commented Both endpoints provide the option to return results in a Markdown table format. (7a2b8ed, d95b49c) You can use the API output directly to generate PDF reports:

Read more →

November 28, 2024

Vulnerability-Lookup 2.1.0 released

 #release

We’re thrilled to announce the release of version 2.1.0 of the Vulnerability-Lookup project! This update introduces new features primarily focused on vulnerability sightings, improvements and fixes. News A new API endpoint allows sightings to be created programmatically. Using dedicated tools, we gather observations from three main sources: The Fediverse with FediVuln, a client to collect vulnerability-related information from the Fediverse MISP with VulnerabilityLookupSighting, a client that retrieves vulnerability observations from a MISP server and pushes them to a Vulnerability Lookup instance RSS and Atom feeds Combined sightings for bundles: The page displaying bundle details now shows the combined sightings for all vulnerabilities within the bundle (48610fc) New RSS/Atom endpoints for sightings have been added, allowing parameters such as the sighting source to be used and the id of a vulnerability. This enables users to subscribe to activity on unpublished vulnerabilities. (6020294) Provide the possibility to comment not yet published vulnerabilities (f88f239) Changes Make drawBarChartHomePage faster (fa95945) Added a function in order to provide a small description about the vulnerabilities listed in the bundle page (8f04be1) Various enhancements to the home page and the charts based on user sightings Improved the API and the OpenAPI Swagger documentation Various improvements were made to the user interface Fixes Fixed an issue in the Marshalling for the Sightings in the API (5ccdbe2) Fixed the title of the RSS/Atom feed (311d2c4) Keep non-sensitive case search even if our ids are lowercase. (9fae6ea)

Read more →

November 14, 2024