#vulnerabilitylookup — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #vulnerabilitylookup, aggregated by home.social.
-
You can now browse VEX statements in Vulnerability-Lookup!
The new VEX page lets you explore 220k+ vendor VEX records (Red Hat, Microsoft MSRC, more coming), filter by source, search by CVE ID or title, see product statuses at a glance (fixed, known affected, not affected, under investigation) and pivot straight to the related vulnerability.
🔎 https://vulnerability.circl.lu/vex/
🧩 API: https://vulnerability.circl.lu/api/vex/#VEX #VulnerabilityLookup #CVE #GCVE #OpenSource #CyberSecurity
-
You can now browse VEX statements in Vulnerability-Lookup!
The new VEX page lets you explore 220k+ vendor VEX records (Red Hat, Microsoft MSRC, more coming), filter by source, search by CVE ID or title, see product statuses at a glance (fixed, known affected, not affected, under investigation) and pivot straight to the related vulnerability.
🔎 https://vulnerability.circl.lu/vex/
🧩 API: https://vulnerability.circl.lu/api/vex/#VEX #VulnerabilityLookup #CVE #GCVE #OpenSource #CyberSecurity
-
Vulnerability-Lookup 5.4.0 released! 🚀
Highlights:
🔎 VEX enrichment from Red Hat CSAF VEX documents — new /api/vex endpoints, a VEX tab and a VEX badge on vulnerability pages
🔐 Per-user enable/disable of CNA publication
📬 Admin overview for KEV catalog e-mail subscriptions, richer digest e-mails
🛠️ Feeder robustness fixeshttps://www.vulnerability-lookup.org/2026/07/10/vulnerability-lookup-5-4-0/
-
Vulnerability-Lookup 5.4.0 released! 🚀
Highlights:
🔎 VEX enrichment from Red Hat CSAF VEX documents — new /api/vex endpoints, a VEX tab and a VEX badge on vulnerability pages
🔐 Per-user enable/disable of CNA publication
📬 Admin overview for KEV catalog e-mail subscriptions, richer digest e-mails
🛠️ Feeder robustness fixeshttps://www.vulnerability-lookup.org/2026/07/10/vulnerability-lookup-5-4-0/
-
A Vulnerability-Lookup sighting client for Google's Tsunami Security Scanner plugin repository:
https://github.com/vulnerability-lookup/TsunamiSight
#vulnerability #vulnerabilityLookup #Sightings #Tsunami #Google #OpenSource
-
A Vulnerability-Lookup sighting client for Google's Tsunami Security Scanner plugin repository:
https://github.com/vulnerability-lookup/TsunamiSight
#vulnerability #vulnerabilityLookup #Sightings #Tsunami #Google #OpenSource
-
Bon, ce matin j’ai joué avec la jolie Apfel (https://apfel.franzai.com/), la petite passerelle CLI qui expose le framework LLM de la 🍎 sous macOS.
Comme pour le wrapper de virtualisation, j’adore ce genre de bidouille qui ouvre l’accès aux ressources internes du système. C’est franchement cool à voir tourner, et surtout il y a un avantage immédiat : pas de tokens externes cramés, pas de données qui vadrouillent, tout reste sur mon Mac.
Dans l’usage quotidien en revanche, on reste sur quelque chose d’à peu près aussi limité qu’une conversation actuelle avec Siri 😅
Les traductions FR/IT sont parfois… créatives, et côté assistant de dev Python, je ne l’ai pas trouvé particulièrement flamboyant.
Mais ça ouvre quand même des possibilités très sympas pour bricoler des raccourcis locaux sur macOS, à condition de réussir quelques tours de passe-passe pour ne pas se faire satelliser par les SystemLanguageModel.Guardrails d’Apple, qui ont le déclencheur franchement sensible dès qu’on prononce “infosec” ou “vulnérabilité” 👀 😁
Là par exemple, je fais traiter les données d’une vulnérabilité via la très belle passerelle VulnMCP : https://github.com/vulnerability-lookup/VulnMCP
#macOS #Apple #LLM #Apfel #MCP #FastMCP #VulnMCP
#VulnerabilityLookup #brew -
Bon, ce matin j’ai joué avec la jolie Apfel (https://apfel.franzai.com/), la petite passerelle CLI qui expose le framework LLM de la 🍎 sous macOS.
Comme pour le wrapper de virtualisation, j’adore ce genre de bidouille qui ouvre l’accès aux ressources internes du système. C’est franchement cool à voir tourner, et surtout il y a un avantage immédiat : pas de tokens externes cramés, pas de données qui vadrouillent, tout reste sur mon Mac.
Dans l’usage quotidien en revanche, on reste sur quelque chose d’à peu près aussi limité qu’une conversation actuelle avec Siri 😅
Les traductions FR/IT sont parfois… créatives, et côté assistant de dev Python, je ne l’ai pas trouvé particulièrement flamboyant.
Mais ça ouvre quand même des possibilités très sympas pour bricoler des raccourcis locaux sur macOS, à condition de réussir quelques tours de passe-passe pour ne pas se faire satelliser par les SystemLanguageModel.Guardrails d’Apple, qui ont le déclencheur franchement sensible dès qu’on prononce “infosec” ou “vulnérabilité” 👀 😁
Là par exemple, je fais traiter les données d’une vulnérabilité via la très belle passerelle VulnMCP : https://github.com/vulnerability-lookup/VulnMCP
#macOS #Apple #LLM #Apfel #MCP #FastMCP #VulnMCP
#VulnerabilityLookup #brew -
VulnMCP can now leverage multiple skills to classify vulnerability descriptions written in English, Russian, or Chinese.
https://github.com/vulnerability-lookup/VulnMCP
#AI #Orchestration #NLP #MCP #VulnerabilityLookup #Vulnerability #CVE #GCVE #Agentic #Python #OpenSource #Transformers
-
VulnMCP can now leverage multiple skills to classify vulnerability descriptions written in English, Russian, or Chinese.
https://github.com/vulnerability-lookup/VulnMCP
#AI #Orchestration #NLP #MCP #VulnerabilityLookup #Vulnerability #CVE #GCVE #Agentic #Python #OpenSource #Transformers
-
VulnMCP is an MCP server built with FastMCP that provides AI clients, chat agents, and other automated systems with tools for vulnerability management. It offers modular "skills" that can be easily extended or integrated, enabling intelligent analysis and automated insights on software vulnerabilities.
A new component in the galaxy of tooling of vulnerability-lookup.
Thanks to @cedric who is becoming an orchestrator for many AI tools nowadays.
#cve #gcve #vulnerability #vulnerabilitymanagement #opensource #ai #mcp #vulnerabilitylookup
-
📢 We’ve made some improvements to FediVuln (https://github.com/vulnerability-lookup/FediVuln) – our tool for monitoring the Fediverse (sightings) and posting updates from our main Vulnerability-Lookup instance (https://vulnerability.circl.lu).
Easily stay up-to-date with:
- New vulnerabilities
- Comments on existing vulnerabilities
- New vulnerability bundles🔔 You can follow updates via the bot: @vulnerability_lookup
#CyberSecurity #OpenSource #Fediverse #Vulnerability #Mastodon #VulnerabilityLookup
-
Maybe some of you are not aware about the @enisa_eu Known Exploited Vulnerabilities Catalog. In any case, it is now available via Vulnerability-Lookup:
https://vulnerability.circl.lu
and with the API:
https://vulnerability.circl.lu/api -
There's some cool sounding training on its way from @circl
CIRCL - Virtual Summer School (VSS) 2025
https://www.circl.lu/pub/vss-2025/
#MISP #AIL #LookyLoo #Lacus #Pandora #Kunai #DFIR #ThreatHunting #FlowIntel #Cerebrate #VulnerabilityLookup #GCVE
-
The Global CVE (GCVE) allocation system is decentralized approach to vulnerability identification and numbering. The GCVE registry is a key component.
For this reason the registry is digitally signed using an RSA public key with SHA-512.
Thanks to the GCVE Python client, updating your local copy of the registry and verifying its integrity is just one command away:
$ gcve registry --pull
Learn more: https://gcve.eu
#Vulnerability #CVD #CVE #GCVE #OpenSource #VulnerabilityLookup
-
RSS feed for CISA KEV vulnerabilities, powered by Vulnerability-Lookup:
#rss #cisa #cybersecurity #feed #OpenSource #OpenData #cve #VulnerabilityLookup
-
Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on #Fortinet #FortiGate Firewalls - Arctic Wolf
https://vulnerability.circl.lu/bundle/9a35bcae-d831-491f-945c-1fbd54769c38
CVE-2024-55591
CVE-2022-26118 -
I am a bit ashamed of this release but here it is, FediVuln 0.8.0:
https://github.com/CIRCL/FediVuln/releases/tag/v0.8.0
which is providing sightings for Vulnerability-Lookup from the Fediverse and since recently capable of sending status related to new bundles and comments !
-
Vulnerability-Lookup 2.3.0 released
Vulnerability-Lookup 2.3.0, a Christmas release, introduces a Pub/Sub mechanism, CISA Vulnrichment, CWE/CAPEC, and NCSC-NL importers, along with other new features and fixes. The update also includes a new website, improved lookups, and added user configurability.
#opensource #vulnerability #vulnerabilitylookup #cve
🔗 Release notes https://www.vulnerability-lookup.org/2024/12/17/vulnerability-lookup-2-3-0/
🔗 Online version https://vulnerability.circl.lu/ -
We have a released a new version of Vulnerability-Lookup!
Have a look at all the changes:
https://github.com/cve-search/vulnerability-lookup/releases/tag/v2.2.0#security #Vulnerability #cve #OpenSource #Python #VulnerabilityLookup