News
Vulnerability Report - October 2025
All vulnerability reports Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.
November 4, 2025
Vulnerability Lookup and GCVE: A Decentralized Approach to Vulnerability Publishing and Management Workshop at Hack.lu 2025
This hands-on workshop at hack.lu 2025 introduced the open-source Vulnerability Lookup project and the Global Common Vulnerabilities and Exposures (GCVE) initiative, two complementary efforts designed to modernize and decentralize the way vulnerabilities are published, shared, and consumed. Participants discovered how Vulnerability Lookup acts as a collaborative platform for collecting, enriching, and analyzing vulnerability data, supporting every stage of the vulnerability management lifecycle, from discovery and prioritization to tracking remediation and assessing exposure. The session introduced GCVE, a next-generation, decentralized framework for vulnerability identification that empowers organizations to act as GCVE Numbering Authorities (GNAs) with greater autonomy and flexibility.
October 24, 2025
Vulnerability-Lookup 2.17.0 released
We’re happy to announce the release of Vulnerability-Lookup 2.17.0 — introducing new data integrations, API improvements, and multiple security and stability fixes. What’s New New Sightings and Integrations Public PoC Sightings — Vulnerabilities with a known public proof of concept can now be tracked directly. (#245) ENISA KEV Catalog — Integration of the European Union Agency for Cybersecurity’s Known Exploited Vulnerabilities catalog adds an authoritative new layer of intelligence. (#237) Metasploit Sightings — Automatically detect and list vulnerabilities referenced in Metasploit modules. (#228) Sploitus RSS — Fetch exploit information from Sploitus feeds. (#227) API Enhancements Added bulk DELETE endpoints for sightings. (commit a514920) Changes Command-line tools now provide an option to delete sightings matching a regular expression. (commit 0859260) Regex matching for new sightings has been tightened to require full matches, improving data consistency. (commit 71387fc) Fixes A major focus of 2.17.0 is hardening the platform against potential injection and logic issues. Highlights include:
October 13, 2025
Vulnerability Report - September 2025
All vulnerability reports Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.
October 3, 2025
Vulnerability-Lookup 2.16.0 released
We’re delighted to announce the release of Vulnerability-Lookup 2.16.0 — packed with exciting new features! There should have been a video here but your browser does not seem to support it. What’s New Backend Introduced source-scoped kvrocks counters and source-scoped sorted indexes for vulnerability advisories by state (published, updated, reserved). (#211, PR #215) Examples of newly available queries:
September 19, 2025
Vulnerability Report - August 2025
All vulnerability reports Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.
September 11, 2025
Two New feeds from CERT-FR (ANSSI) integrated in Vulnerability-Lookup
Two New feeds from CERT-FR are now integrated in Vulnerability-Lookup. Thanks to the great work of Raphaël Vinot, we now have two new feeders: CERT-FR Alerte, and CERT-FR Avis We were impressed by the excellent quality of these feeds, which allowed us to automatically extract impacted products (CPE vendors & names) and references to enrich our Kvrocks indexes. Correlations As with all our sources, advisories from CERT-FR are now automatically correlated with the other 27 (!) sources available on the CIRCL instance: https://vulnerability.circl.lu/about#sources
August 29, 2025
Vulnerability Report - July 2025
All vulnerability reports Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.
August 23, 2025
Vulnerability-Lookup 2.15.0 released
We are excited to announce the release of Vulnerability-Lookup 2.15.0! This version brings new features, performance improvements, and several bug fixes. What’s New Detecting vulnerabilities known only through sightings The dashboard now highlights vulnerabilities discovered via our sighting tools, including scraping social networks, MISP, Nuclei templates, Shadowserver, Gist, and more. This gives you better visibility of unpublished advisories.
August 22, 2025
Vulnerability-Lookup 2.14.0 released
We’re glad to announce verion 2.14.0 of Vulnerability-Lookup! This version introduces several new features, enhancements, and fixes. What’s New New Watchlist View You can now view your monitored products and their related vulnerabilities directly in the browser, mirroring the structure of email notifications. Authenticated RSS/Atom feeds are available. (#181) There should have been a video here but your browser does not seem to support it. (enable audio in the screencast)
July 25, 2025