OpenCVE is an open-source platform that helps you monitor and manage CVEs efficiently.
It aggregates vulnerabilities from multiple sources (MITRE, NVD, RedHat, Vulnrichment...) and lets you filter, track, and organize them by vendor, product, severity, and more.
You can subscribe to products, receive alerts, analyze changes, and collaborate with your team — all through a simple and powerful interface.
- Filter CVEs by vendor, product, CVSS, CWE, publication date, and more.
- Subscribe to vendors and products, and organize your monitoring with projects and organizations.
- Save complex filters as reusable Views (public or private).
- Classify CVEs with custom tags (e.g. unread, critical, assigned-to-dev).
- Receive alerts instantly via email or webhook (Slack and Teams coming soon).
- Access the complete change history of CVEs: scores, descriptions, references, etc.
- Generate daily reports by project to stay ahead.
- Build your own dashboard with widgets like "CVEs per project" or "CVEs per view".
- Drag, resize, and save layouts per organization.
Use the hosted version at https://www.opencve.io — no setup required.
Run OpenCVE on your own infrastructure using Docker. See the installation guide for more details.
OpenCVE is actively developed and regularly improved.
⭐ Star this repository and 🔔 watch releases to be notified of future updates.
